Top Mobile Apps Overwhelmingly Leak Private Data: Study
More than 80 percent of the top-100 free and paid apps on iOS and Android leak some information, application-analysis firm Appthority reported.Free mobile applications put users' privacy at risk more often than paid apps, and iOS applications are more likely to transmit private information than Android applications, according to a survey of the top-400 mobile applications conducted by application-analysis firm Appthority. The survey, released the day before the Black Hat security conference in Las Vegas, found that 95 percent of the top-100 free apps for both iOS and Android exhibited at least one kind of privacy-compromising behavior, while 78 percent of paid apps leaked similar data. Risky behavior included sending data on the location of the device, identifying the user, leaking address book information, or using single sign-on (SSO), which allows a single company to track the user across multiple applications. "While IT professionals are eying malware as, perhaps, a future problem, they are seeing data leakage and corporate risk and privacy risk as current problems," Domingo Guerra, president and co-founder of Appthority, told eWEEK. Although many security firms have focused on malware as the most serious threat to mobile users, in most countries infections by malicious software continues to be rare. Instead, mobile software developers in search of profits are adopting aggressive and questionable tactics—or advertising frameworks that use such tactics—to monetize their users.
With employees increasingly bringing their own devices into the workplaces, companies need to worry more about what information even personal applications are leaking. While such privacy issues have not always been seen as a significant threat, the potential of applications to grab corporate data as well as the user's personal information is a problem, said Guerra.