App Security: It's Even Worse than You Thought

Blog



App Security: It's Even Worse than You Thought

[caption id="attachment_13649" align="alignleft" width="432"]Infographic - Perception of Security (Source: Arxan) Infographic - Perception of Security (Source: Arxan)[/caption] There's been plenty written about the significant security dangers posed by mobile apps, but most people think the apps they use are secure. But they're wrong --- the vast majority of mobile apps have security vulnerabilities. So says a survey from security firm Arxan. And the results are likely even worse than you imagined. The report, "State of Application Security, Perception versus Reality," is based on interviews with nearly 1,100 people in the U.S., UK, Germany and Japan, including app users and IT executives involved in app security. The focus is on two types of mobile apps: health and finance. The world according to the IT executives is quite rosy: 87% said their applications are adequately secure, and 82% believe everything is being done to protect their apps. Some 83% of app users surveyed believed the apps they use are adequately secure, but far less, 57%, believe that everything is being done to protect the apps they use. [caption id="attachment_13650" align="alignright" width="432"]Infographic - Reality of Security (Source: Arxan) Infographic - Reality of Security (Source: Arxan)[/caption] As for the reality, it's quite different. Arxan claims that 90% of 126 mobile health and finance apps it tested "were not adequately addressing two or more of the Open Web Application Security Project (OWASP) Top 10 Mobile Risks." In addition, the report claims, 84% of the FDA-approved apps it examined and 80% of the apps approved by the National Health Service (NHS) it examined were vulnerable to at least two of the top 10 OWASP mobile risks. The report also found that "98% of apps tested lacked binary code protection and could be reverse-engineered or modified." In addition, "84% of apps tested had poor transport layer protection and could lead to data and identify theft." Not surprisingly, more than 80% of app users surveyed would switch to a different app if they knew their app was vulnerable, or a similar one was more secure. Here's maybe the biggest shock of the report: It claims that half of organizations "have zero budget allocated to protecting mobile apps." There's a lot more eye-opening in the report. For more details and additional reports, click here. To access the full report, click here to download the PDF. To see an infographic of the report, click here. To learn more about Arxan, click here.
Video: Offline Access to Images in Mobile Applications Using SQLite
How Alpha Anywhere's RMAD Platform Built the Ideal Solution for Hayat Communications

About Author

Amy Groden-Morrison
Amy Groden-Morrison

Amy Groden-Morrison has served more than 15 years in marketing communications leadership roles at companies such as TIBCO Software, RSA Security and Ziff-Davis. Most recently she was responsible for developing marketing programs that helped achieve 30%+ annual growth rate for analytics products at a $1Bil, NASDAQ-listed business integration Software Company. Her past accomplishments include establishing the first co-branded technology program with CNN, launching an events company on the NYSE, rebranding a NASDAQ-listed company amid a crisis, and positioning and marketing a Boston-area startup for successful acquisition. Amy currently serves as a Healthbox Accelerator Program Mentor, Marketing Committee Lead for the MIT Enterprise Forum of Cambridge Launch Smart Clinics, and on the organizing team for Boston TechJam. She holds an MBA from Northeastern University.

Comment

Subscribe To Blog

Subscribe to Email Updates