ViaForensics' appWatchdog study has found that several iPhone and Android applications are lacking when it comes to proper security. Perhaps the most alarming aspect of the security firm's study is the popularity and widespread use of some of the apps in question, meaning that the amount of users affected or at risk is likely very high.
The appWatchdog study examined how popular apps store sensitive data. Surprisingly, well-known and respected companies such as Foursquare, LinkedIn, Netflix, and WordPress had apps that earned a fail rating through the study for a failure to properly secure sensitive data. The Android version of Netflix's application received a negative rating for failing to securely store customer passwords. This result is a bit odd, considering that the iPhone version of the Netflix app earned a high passing grade in terms of storing customer passwords in a secure manner. Netflix quickly responded to the negative findings on its Android app by expressing intentions to fix the the security issues. A company spokesman told CNET, “Netflix members' privacy and personal-information security are a top priority for Netflix."
Foursquare responded to the appWatchdog study's findings by taking some proactive measures as well. One Foursquare spokesperson wrote about the company's moves in a recent email statement to CNET: "If a user's Android device is stolen and the device is not password-protected, then a hacker with malicious intentions may be able to access that user's data. However, we haven't been notified of any such instances by our user base. Nevertheless, we pushed an update to all Android users on Tuesday, June 7, that will make even this type of access unavailable to hackers. We value the security of our users' personal information and are continually making enhancements to clear potential attack vectors that we become aware of."
Other apps that fared poorly in the study include LinkedIn's iPhone and Android apps, as well as WordPress' iPhone app. The study did not reveal only bad news, however, as banking apps from Bank of America, Citibank, Fidelity, and Wells Fargo earned solid scores.
As mentioned earlier, the popularity of the applications at the center of ViaForensics' study hints at the likelihood of many consumers being affected by security issues. Mobile applications are becoming more and more popular as time passes, with smartphones being seen as must-have products for many consumers, both casual and tech-savvy. Apple just released figures that claimed over 14 billion app downloads from its App Store since 2008. Not as popular, but still growing is Google's Android Market, which claims over 4.5 billion app downloads. Looking towards the future, a recent report from In-Stat projected that approximately 48 billion mobile applications will be downloaded by consumers in 2015.
A ViaForensics blog post discussed the reasoning behind the appWatchdog study: “It is ViaForensics' goal that this resource help inform consumers about potential data security risks posed by mobile apps by arming them with objective information and that app developers will be motivated to work hard to take all appropriate measures to secure their apps.”