Mobile apps may not be as secure as we think they are, turning into a blindspot when it comes to cybersecurity efforts.
With over 60 billion messages and 3.2 billion images shared on social networks every day, phones have transformed the way we communicate these days.
A new report from Licel, which makes no-code app security solution DexProtector, shows that 38% of app users previously shared their location via a social app without realising.
In 2007, data shared through mobile devices included contact numbers and text messages. In 2022, data sharing has grown to include bank details, health and purchase histories, digital IDs, social profiles and videos. This makes apps an attractive target for potential hack attacks.
With the rise in online and app banking, apps are increasingly targeted by criminals. By tampering with core features of apps, hackers can override functionalities and security measures.
Malware, app cloning, key logging, and man-in-the-middle attacks are just some of the threats financial app users face.
Many of the apps provided by bigger banks were also found to miss out on key security measures such as cryptographic algorithms, screen recording prevention, blocking the use of remote-control tools, or keylogging detection.
SMS phishing is popular because users tend to trust their smartphones more. Their guards are down.
“During the pandemic, a torrent of phishing messages were pinging on people’s phones,” explains Licel CEO Ivan Kinash. “While that did increase awareness of the device being a target, mobile apps are still a bit of a blind spot in cybersecurity. For example, most people assume that if an app is available to download from official stores, then it must be safe. The report debunks a few myths like this one.”
At the same time, security researchers found that just 37% of worldwide Android users had the latest version installed by 2022.
The operating system has repeatedly come under scrutiny for detecting apps that exposed personal user data.
“We all have a part to play in improving mobile app security,” says Kinash. “From us as app protection providers, through to Apple and Google, to the businesses developing apps, and finally to the end users themselves. The point of this report is not only to show the current state of play, but to set a course toward a more secure ecosystem.”