James Patterson | 24 Jun 2019
Security researchers this week revealed that upwards of three-quarters of smartphone apps on both iOS and Android alike have insecure storage. All user data from passwords, real-time location, and financial information has little to no encryption and is open to anyone who has the means to access it.
To make matters worse, poor storage security was just one of many common flaws found in applications. There were also data communication issues that left user data unencrypted on its way to application servers – think of this like a cash-filled armed truck, with no armour, that’s open to anyone.
There were also session time issues within apps. These session times are what smartphone apps and websites use to understand when you’re using a feature, and when you’ve finished. When implemented correctly, a session time expiration will lock down your account or keep it aware of malicious log-in attempts when you’re offline.
After weeks of research and cybersecurity experts delving into smartphone applications, the general consensus was that the situation really is remarkably terrible. Applications on all app stores, including the Australian iOS and Play Store, were littered with insecure apps.
Research companies floated the idea that developers ware far more focused on user experience and designing beautiful apps, rather than apps that were safe and able to withstand cyber attacks.
The final result revealed that 43 per cent of Android applications were open to exploitation and hacking, while a lesser 38 per cent on iOS.
Where the issue does become more troublesome is that every problem we’ve highlighted thus far can be exploited by cybercriminals who don’t even have access to your device. All they need is a general idea of where the data is coming from, a piece of tailored malware and information on where your data is going to be able to intercept and ‘steal’ it from you or the app’s developer.
Although there’s not too much you can do to repair a poorly designed application; the good news is that the majority of the security flaws are concerning the transmission of data – which can be assisted by VPNs.
To add, most applications on Android and iOS often ask you for your permission to access data such as messages, phone calls, the camera and more, and we suggest you deny access to all of these applications. If you do the best you can to prevent the application from accessing your data, you will stop it from being able to absorb it and share it back to the servers.
It might also be in your best interest to subscribe to VPN services on your smartphones to keep the app services in line. We recommend NordVPN, ExpressVPN, CyberGhost because they are leading companies in the vpn industry. Their Android and iOS vpn apps are first class, and offer military-grade encryption for outgoing communication, making it incredibly difficult for hackers to steal data on its way to application servers.
Post Views: 9