Insecure Data Storage in Mobile Applications Poses Security Issues

Insecure Data Storage in Mobile Applications Poses Security Issues

Users’ data might be more at risk than they realize. A new study shows that three quarters of mobile application have insecure data storage issues, putting passwords, financial information, personal data, and correspondence at risk.

Three quarters of mobile applications have vulnerabilities that could allow hackers to steal sensitive information from both Android and Apple users.

Researchers discovered and listed these insecure data storage problems in their report Vulnerabilities and Threats in Mobile Applications 2019.

According to the report, the most common issue in mobile applications is insecure data storage. 76 percent of mobile applications had insecure data storage, putting passwords, financial information, personal data, and correspondence at risk.

In addition, high-risk vulnerabilities were found in 38 percent of mobile applications for iOS and in 43 percent of Android applications.

Users may not believe they are at risk unless their phone is physically stolen, but in reality, 89 percent of vulnerabilities can be exploited using malware, with no physical access needed.

The vulnerabilities have been classified as medium risk by researchers, but 29 percent of tested applications have been found to contain what has been classed as a high risk – insure interprocess communication.

Leigh-Anne Galloway, cybersecurity resilience lead at Positive Technologies, told ZDNet that since developers pay less attention to data insecurity, users must take steps to secure their own data.

“Developers pay painstaking attention to software design in order to give us a smooth and convenient experience and people gladly install mobile apps and provide personal information. However, an alarming number of apps are critically insecure, and far less developer attention is spent on solving that issue,” Galloway said. “We recommend that users take a close look when applications request access to phone functions or data. If you doubt that an application needs access to perform its job correctly, decline the request.”

About the Author

Kaitlyn DeHaven is the Associate Content Editor for the Infrastructure Solutions Group at 1105 Media.

Featured

New Products

  • Hanwha QNO-7012R

    Hanwha QNO-7012R

    The Q Series cameras are equipped with an Open Platform chipset for easy and seamless integration with third-party systems and solutions, and analog video output (CVBS) support for easy camera positioning during installation. A suite of on-board intelligent video analytics covers tampering, directional/virtual line detection, defocus detection, enter/exit, and motion detection.

  • QCS7230 System-on-Chip (SoC)

    QCS7230 System-on-Chip (SoC)

    The latest Qualcomm® Vision Intelligence Platform offers next-generation smart camera IoT solutions to improve safety and security across enterprises, cities and spaces. The Vision Intelligence Platform was expanded in March 2022 with the introduction of the QCS7230 System-on-Chip (SoC), which delivers superior artificial intelligence (AI) inferencing at the edge.

  • EasyGate SPT and SPD

    EasyGate SPT SPD

    Security solutions do not have to be ordinary, let alone unattractive. Having renewed their best-selling speed gates, Cominfo has once again demonstrated their Art of Security philosophy in practice — and confirmed their position as an industry-leading manufacturers of premium speed gates and turnstiles.