Android users beware – US mobile commerce apps aren’t as safe as you think
Recent security testing conducted by mobile security companies Appknox and SEWORKS reveals an estimated 40 of the top 50 Android mobile shopping apps in the United States have high-level vulnerabilities. The apps were tested across 34 different security testing categories.
Almost all apps are vulnerable to hackers.
The “Security Status in m-Commerce” report from Appknox and SEWORKS found that over 84% of the shopping apps tested had a minimum of three high-level security vulnerabilities. What’s more, all 50 that were tested had security risks.
The reports findings also reveal that all apps are susceptible to hackers. Some of the key problems the mobile security companies noted included inserting data that doesn’t belong to the apps and the ability to modify the way in which the app operates.
Moreover, hackers are able to access sensitive data in 70% of the security tested Android mobile shopping apps. Additionally, hackers can modify the apps’ internal structure. They can even trick users into thinking that they are still interacting with the original app while in reality they’re actually communicating with the compromised application.
There were a total of 274 vulnerabilities detected in the tested Android mobile shopping apps.
Of these vulnerabilities, one of the most alarming was 64% of the apps tested were affected by an “app extending webview client.” This allows for hackers to deceive users into entering their sensitive personal information into copied or fake apps.
The results of this breach in user privacy included the loss of personal data, damages and SSL compromises, according to Appknox.
“It’s important for businesses to become proactive and perform a security check before launching mobile apps,” said Appknox co-founder and CMO Prateek Panda. “This report is an attempt to encourage a step in that direction.”
Unfortunately, reduced mobile security level isn’t uncommon among companies seeking to raise business performance. In fact, one third of firms are not adequately equipped to deal with smartphone security concerns, QR Code Press reported.
That said, the Appknox CMO stated that they chose Android mobile shopping apps for their security test because it’s one of the categories that has the most downloaded apps, and these apps also happen to be linked to numerous financial transactions every day.