Report: Most Apps Stink At Keeping Our Data Safe — Find Out Who's Bad
August 10, 2011
Our smartphones are storing more sensitive data about us by the day. Whether it's our contacts, or our banking information, we all got to a point where we trust apps on our phones with our credentials. Yet, according to a report released this week, relayed by InformationWeek, the measures most apps take to keep our data safe are often not up to snuff.
Indeed, the digital forensics firm viaForensics ran over a 100 "application assessments" on popular iOS and Android apps to try to see how safely they handle our information. Apparently, while your password is often secure, the rest really isn't. Of course, viaForensics' very business is to "secure" mobile apps, so they're far from being objective about it, yet what they found is very real.
For example, 76 percent of the apps tested store usernames as plaintext. You might not care, but for someone going after your data, that's half the puzzle right there. Either way, most apps store all your transaction data and activity in the clear anyway (in 74 percent of the cases) so there isn't much of a need to get inside your account to start with. Also, while apps like Square, that process credit card transactions, are careful enough not to store your credit card information, they will still give out your username, the last numbers of your credit card, a copy of your signature and the detail of your transactions.
What does this mean? Well, if someone with bad intentions and a bit of knowledge was to come in possession of your iPhone, you're probably in a great deal of trouble. Furthermore, if some sort of malware/virus was to ever make it to our smartphones, this data would be at their mercy as well. Yet, these are really isolated cases and there clearly isn't much of a reason to let this worry you. Maybe just think twice before you decide to store your credit card number in the notes app next time.
So who made the list of shame? Hushmail, LinkedIn, Skype, and WordPress are reportedly the worst ones at the moment, with the Chase bank app also not doing that great of a job. Further, apps like Amazon, Best Buy, Facebook, and Twitter are also storing a good deal of private details they should take better care of. Best of all, you can actually go check out the details of how each app they tested behaved right on their website.
On the good side, viaForensics seems to feel iOS is still the most secure platform for now. What a relief.
(Creepy Voice) Are you scared now?
(Image Credit: COM)