iOS apps pose greater risk of data breach: study

  • iOS
  • Tuesday, 11 Mar 2014

App developers are increasingly targeting the more lucrative iOS market, where more than 91% of the top 100 apps for Apple devices exposed users to security breaches and other data leaks, according to a study released Feb 18 by Appthority. 

By comparison, Appthority found that 83% of the top 100 Android-based apps exposed their users to leaks of both personal and company information. 

"When app users think mobile security they think of malware, which is a bigger problem on Android," said Appthority president Domingo Guerra. 

"But iOS users spend more money on apps and on their devices and on their cellphone bill, in general. As a result, iOS users are seen as a premium and (app) developers are targeting them differently than Android users. In general, we've seen a big false sense of security in the market." 

Even after Apple prohibited developers from accessing unique device identifiers, 26% of the top iOS apps still expose UDIDs — up 6% from Appthority's last study in July. 

"The developers are not always building with the best practices and sometimes use third-party tools, third party libraries or are using software developer kits to build apps faster that are introducing new privacy concerns," Guerra said. 

Along with exposing a users' Facebook friends' information, the top apps also can reveal sensitive company information, leading to corporate spamming and exposure of employee phone numbers, Guerra said. 

"For most people, location tracking is not that important," he said. "But from a corporate level, executives can be location tracked. If you knew where all the top Google execs are on a given day, you could predict Google's next acquisition. Calendars are a big concern because folks use their calendars to store meeting minutes, topics, confidential notes and the names of attendees." 

In many cases, Appthority found that free apps pose the greatest risk. 

Overall, 56% of the top 200 free iOS and Android apps identify the user's unique device identity. 

But all of the top free Android gaming apps identify the users' ID. 

And 58% of the top free Android apps share data with ad networks. 

For both iOS and Android, 31% of free apps access users' contact list or address book, compared to 22% of paid apps. — San Jose Mercury News/McClatchy-Tribune Information Services  

Article type: metered
User Type: anonymous web
User Status:
Campaign ID: 1
Cxense type: free
User access status: 3

iOS , apps , Apple , ecosystem


Did you find this article insightful?


Across the site