Page 44 - index
P. 44
Your Favorite Android and iOS Apps Are Your Biggest Security
Risk
By Domingo Guerra, President & Co-founder, Appthority
It is important to continuously monitor the app ecosystem. Mobile app titles in the Apple App
Store and Google Play top 100 are constantly changing. Beyond changing app titles, apps
themselves change versions, creating a net new app, almost every month. For this reason,
analysis of the top 100 apps at any given point in time quickly becomes stale if it is not
continuously monitored and updated.
As a result, personal privacy and security can easily become compromised. At Appthority, our
Mobile App Risk Management Service has evaluated the security risks behind more than 2.5
million apps. We recently released the Winter 2014 App Reputation Report, which provided an
overview of the privacy and security risks behind the world’s most popular mobile apps. Our
findings provided broad insight into the evolution of the app economy. So, where are we
headed? When it comes to app-use, how tender-footed do we need to be?
Today, developers face stiff competition. With more than two million apps in the App Store and
Google Play, developers must ensure that their apps are downloaded enough to make it to the
top (or close to it). From 2013 to 2014, the Appthority Service found that the top 100 paid apps
remained more stable than the top 100 free apps, which experienced greater disturbance and
churn. The result? Developers who break into the top 100 paid apps are rewarded with staying
power and brand recognition than those who create free apps. Beyond the download,
developers of free apps often seek out additional ways to generate revenue. (This is especially
true if their app offers a free download.) App discovery by target consumers is slow, and free
app developers are completely dependent on other revenue streams apart from the initial
download cost. After the initial free app download, developers often make money at the cost of
users’ privacy and security.
Have you ever noticed an app running constantly and unnecessarily in the background? It’s
possible that the app is tracking your location and sharing it with outside parties for their
advertising purposes. This may be proof that your app’s developer employed a popular method
to generate supplementary income: sharing your data with advertising and analytics companies.
In some cases, developers are paid based on the amount of user data they collect and share.
Of the top 200 iOS apps (100 free and 100 paid) tested by the Appthority App Risk
Management Service, 56% tracked for location. Of the top 200 Android apps, 58% tracked for
location.
But wait! We’re not done. When comparing the top iOS and Android apps (both paid and free),
iOS apps exhibited a greater percentage of risky behaviors than Android apps did. Appthority
determined that 91% of iOS apps exhibit at least one risky behavior, as compared to 83% of
Android apps. Of the 200 iOS apps the Appthority App Risk Management Service tested (100
free, 100 paid), 56% tracked for location, 63% used single sign-on, 55% offered in-app
44 Cyber Warnings E-Magazine – April 2014 Edition
Copyright © Cyber Defense Magazine, All rights reserved worldwide
