Check out the on-demand sessions from the Low-Code/No-Code Summit to learn how to successfully innovate and achieve efficiency by upskilling and scaling citizen developers. Watch now.
While the bulk of mobile security research is focused on intentionally malicious apps, it’s the benign ones that you should really be afraid of.
That’s the latest conclusion made by Android security researchers, who found that dozens of Android apps had lax security that exposed user data to theft, Ars Technica reports.
At the core of the researchers’ exploits are so-called “man-in-the-middle” attacks, which steal data by piggybacking on compromised WiFi networks. Once users connect to them, hackers can strike, intercepting poorly encrypted data such as banking information, log-in credentials, emails, and instant message transcripts.
Intelligent Security Summit
Learn the critical role of AI & ML in cybersecurity and industry specific case studies on December 8. Register for your free pass today.
These 40 or so apps, researchers say, are used by as many as 185 million people, few of whom are aware of the issues. Fortunately for app makers, the researchers were kind enough not to share the names of these insecure apps, which isn’t exactly helpful to those Android users who might have them installed.
Much of the problem, the researchers say, lies in poor implementation of encryption protocols by app developers, who they say aren’t as focused on data security as they should be. The solution? Google has to do a better job of enforcing more stringent security measures, the researchers say.
But what about iOS? While the researchers focus on Android, it’s possible that iOS apps are also exposed to these same security holes. That’s because the issue is larger than the operating system: Any app using poor encryption is vulnerable to the same problems, regardless of the platform it’s on. That’s why the app approval process is so important.
VentureBeat's mission is to be a digital town square for technical decision-makers to gain knowledge about transformative enterprise technology and transact. Discover our Briefings.