Tag: mobile security breaches

Headline hacks aren’t enough for a mobile security boost

Despite the fact that there have been many high profile cases of cyber attacks, apps remain vulnerable.

A recent study conducted by Bluebox has shown that virtually no travel apps have gone to the extent of adding encrypted data to protect them from mobile security breaches, and several are made with vulnerable code.

Even though there have been countless cyber attacks in recent headlines, added security hasn’t become a priority.

The attacks to companies as large as Target and Ashley Madison could have acted like a mobile security wake up call, but it’s clear that this has not been the case. Even though the evidence is strong that mobile app security is important to consumers, and there is great concern about hacks among companies and individuals, alike, app developers don’t seem to be building it in. Bluebox, a mobile app security and analytics company has conducted an analysis that has shown that the average person is surprisingly vulnerable to hacking through mobile devices.

The focus on the mobile security study was primarily on travel apps, which showed considerable holes.

Mobile Security BoostAmong 10 top Android travel apps, Bluebox found that only one of them had encrypted the data that it was storing on the user’s device. Among 10 of the top iOS travel apps, there wasn’t a single one that had encrypted the data stored on the device. Furthermore, only 2 out of the 10 Android apps that were analyzed and only 1 of the 10 iOS apps analyzed had used certificate pinning. Bluebox explained that certificate pinning is “a key capability for securing app data in transit.”

The lead security analyst at Bluebox Security, Andrew Blaich, explained that among the most important activities of a mobile app is to ensure that it is encrypting data that is written. He also pointed out that “We also want to make sure that the data is not easily accessible at all.” Of all the apps that were analyzed in this study, only one of them had actually employed data encryption.

That said, it was pointed out that in that instance, this mobile security step was “hard-coded into the source code,” which means that it would still be simple for someone to decrypt the data from the source code.

Mobile security breaches in payments comes with a cost

Fraud is already rapidly on the rise in this sector which remains relatively limited, and it is only expected to grow.

When it comes to the adoption of smartphone based payments, one of the biggest concerns of consumers is mobile security, and for good reason, according to the latest data that has revealed that fraud in this area is a growing trend and it is coming at a considerable price.

The m-payments market was slow to get started, but it is experiencing some growth.

However, at the same time that m-payments are slowly growing, mobile security risks are increasing rapidly and are expected by experts to increase at a more rapid pace in coming years. This problem is expanded when m-commerce is taken into account, as shopping over smartphones has been taking off at a very rapid rate and is expected to become quite explosive over the upcoming holiday buying season.

A recent report has shown that the cost that mobile security issues is going to be a pricy one.

Mobile security breaches come with costAccording to the Gartner technology research group’s projections, over the next four years, m-payments will experience a 35 percent average annual growth rate, which will send the number of users to around 450 million, and the amount of spending over this method up to $721 billion by 2017. In North America, alone, there is expected to be a growth rate of 53 percent, this year, so that by the end of 2013, it will have reached $37 billion, when compared to last year’s $24 billion. This is positive news for that industry, but also represents a growing mobile security risk as it becomes a more lucrative target to potential scammers and thieves.

All of the major players in smartphones and technology seem to have made their way into m-payments in one way or another, each with their own efforts to enhance mobile security to the point that they can make consumers comfortable with the tech and keep out fraud at the same time. This includes the acquisition of Braintree by PayPal, the new and improved mobile wallet launch by Google, and the addition of fingerprint scanning and biometrics by Apple.

Still, the primary barrier that all of those companies face is in mobile security, as consumers are still not convinced of the safety of their sensitive data. As many consumers are already quite comfortable with the payments methods that they already use, they are not ready to take a risk on a new and little known technology, when they don’t feel that their credit and debit cards are causing them an inconvenience.