Mobile Apps Trade Safe Practices for Money: Report
Ninety-five percent of the top free iOS and Android apps, which overwhelmingly use ad networks to generate cash, show at least one risky behavior.The vast majority of Android and iOS apps show risky behavior, mainly driven by third-party advertising networks, according to two reports on the mobile software ecosystem published this week. In an analysis of the top 100 paid and top 100 free apps on both iOS and Android, security firm Appthority found that free apps continued to exhibit risky behavior more often than paid apps. Collectively, 95 percent of the top 200 free apps—100 on iOS and 100 on Android—performed at least one risky behavior, such as tracking location, sharing data with advertising networks or identifying the user or user's device, according to the company's Winter 2014 App Reputation Report. While paid apps appear to be less risky than free apps, 80 percent still show risky behavior, Domingo Guerra, co-founder and president of Appthority, told eWEEK. "We have to be more cautious users and refuse to install apps that collect too much data," he said. "There is no reason for these apps to be collecting a lot of this data." A second report found that users are also more at risk from malicious apps on the Google Play store. RiskIQ, a security intelligence firm, found that four times as many malicious Android apps made it onto the Google Play store in 2013, compared with the number that did so in 2011. At the same time, Google removed fewer of the apps:23 percent in 2013, compared with 60 percent in 2011, the firm claims. Apps for personalizing Android phones top the lists of categories that were most likely to be malicious, the company said.
"Customers and consumers should be careful when downloading mobile apps and make every effort to vet them as being legitimate," Elias Manousos, CEO of RiskIQ, said in response to an email query from eWEEK. "Companies should invest in new security services that continuously monitor app stores, Websites and advertisements for malware."