Security in Mobile Apps
The Importance Of Mobile Applications
The importance of mobile phones in our everyday life and activities is undeniably unending. This is so because there is ongoing tremendous transformation in that mobile phones are no longer the ordinary communication device it used to be. The cumulative progress of mobile technology, the availability and access to high speed internet and the remarkable communicative interface in these devices results into a whole level of new and innovative experience mobile computing.
Some interesting facts:
- Mobile apps are expected to generate 189$ billion in revenue by 2020.
- The Apple App Store has 2.2 million apps available for download.
- There are 2.8 million apps available for download on the Google Play Store.
- 21% of Millennials open an app 50+ times per day.
- 49% of people open an app 11+ times each day.
- 57% of all digital media usage comes from mobile apps.
- The average smartphone owner uses 30 apps each month.
More information: https://buildfire.com/app-statistics/
The use of applications on our smartphones is increasing over time, but do we really know what it means to use an application and what it can mean in the event of a security breach?
For the vast majority of applications, they ask us for a record, where we must put our data:
- Name
- Phone
- Adress
The data they ask us for may vary depending on the type of application.
Are safe?
Let’s look at some examples of large apps with security breaches that have exposed their users' data.
WhatsApp:
As the Financial Times first reported, WhatsApp contained a vulnerability in its VOIP function that allowed attackers to inject malware onto the victim’s device simply by calling their phone. The flaw was exploited in the wild in at least one set of attacks where commercial spyware was installed on the phones of a group of UK human rights lawyers. WhatsApp, which Facebook bought for $19 billion in 2014, has since patched the flaw.
Facebook:
Back in 2018, Facebook also became notable as the victim of one of the most serious web application hacks.. In the case of the Facebook hack, attackers exploited flaws in its “View As” function, which mistakenly gave them OAuth tokens, affording them complete access to an account. This allowed the hacker to access any account that was signed into through Facebook. It was estimated that up to 50 million users could have been affected. More information: https://www.intertrust.com/blog/six-of-the-largest-app-related-data-breaches/ Our data is the most important value and as an end user we must be aware of the importance of making use of this data in any application.
At Quarbit we care about the safety of end-users and that is why we are dedicated to offering scores so that you can easily and quickly see if a platform has the minimum score to be able to use it. These scores are the results of many controls that we automatically and periodically perform on fintech companies, analyzing their exposed and public resources.