Despite the fact that there have been many high profile cases of cyber attacks, apps remain vulnerable.
A recent study conducted by Bluebox has shown that virtually no travel apps have gone to the extent of adding encrypted data to protect them from mobile security breaches, and several are made with vulnerable code.
Even though there have been countless cyber attacks in recent headlines, added security hasn’t become a priority.
The attacks to companies as large as Target and Ashley Madison could have acted like a mobile security wake up call, but it’s clear that this has not been the case. Even though the evidence is strong that mobile app security is important to consumers, and there is great concern about hacks among companies and individuals, alike, app developers don’t seem to be building it in. Bluebox, a mobile app security and analytics company has conducted an analysis that has shown that the average person is surprisingly vulnerable to hacking through mobile devices.
The focus on the mobile security study was primarily on travel apps, which showed considerable holes.
Among 10 top Android travel apps, Bluebox found that only one of them had encrypted the data that it was storing on the user’s device. Among 10 of the top iOS travel apps, there wasn’t a single one that had encrypted the data stored on the device. Furthermore, only 2 out of the 10 Android apps that were analyzed and only 1 of the 10 iOS apps analyzed had used certificate pinning. Bluebox explained that certificate pinning is “a key capability for securing app data in transit.”
The lead security analyst at Bluebox Security, Andrew Blaich, explained that among the most important activities of a mobile app is to ensure that it is encrypting data that is written. He also pointed out that “We also want to make sure that the data is not easily accessible at all.” Of all the apps that were analyzed in this study, only one of them had actually employed data encryption.
That said, it was pointed out that in that instance, this mobile security step was “hard-coded into the source code,” which means that it would still be simple for someone to decrypt the data from the source code.
Cyber attacks growing more common in Australia and other countries
Cyber attacks are becoming more frequent in Australia as mobile usage continues to grow throughout the country. With mobile devices becoming more common, so too is mobile commerce. According to a new report from ThreatMetrix, mobile devices now account for 31% of all transactions made in the country. This has made Australia a very attractive target for malicious groups that would like to take advantage of consumers and businesses that are involved in mobile commerce.
Mobile commerce has become an attractive target for malicious groups
The report from ThreatMetrix shows that Australia is in the top 10 countries around the world when it comes to cyber attacks and serious security threats. Targeted attacks are becoming much more prevalent in the country, as consumers are finding themselves increasingly exposed to cyber attacks when they participate in mobile commerce. The report notes that digital identities are now a form of global currency, as a person’s identity has a significant amount of financial data associated with it.
Growing number of transactions are proven to be fraudulent
ThreatMetrix has monitored many mobile payments made in Australia and other countries. Approximately 20% of the transactions that the organization monitored were payment related, with 3.1% of these mobile payments being flagged as representing malicious attack traffic. The company’s report shows that an estimated 3.1% of account creation on mobile commerce platforms was fraudulent as well. The growing use of mobile applications is being linked to the rise in security threats and cyber attacks in the mobile commerce space as well as others.
Security issues are a concern for consumers, but mobile commerce continues to grow in Australia and elsewhere
Security concerns have plagued the mobile commerce space for some time. These concerns have prevented many consumers from using their mobile devices to purchase products either online or in physical stores. Despite the security concerns, however, mobile commerce continues to grow and companies involved in this space have been investing in improved security and the use of new technology that can protect consumer financial information.
