Over the past few months, the NowSecure team plunged into the depths of our mobile security intelligence to gather and correlate data in order to present a snapshot of the current state of mobile security “ the 2016 NowSecure Mobile Security Report. Some of the more interesting statistics we uncovered include:
- 25 percent of Android apps tested include at least one high risk security flaw
- Android apps in the Business category are three times more likely to leak login credentials than the average app
- Android apps in the Game category are one-and-a-half times more likely than the average app to include a high risk vulnerability
- 35 percent of communications sent by mobile devices are unencrypted
- The average mobile device connects to 160 unique servers each day
The report’s sources include our NowSecure Intelligence engine that collects more than 140 million mobile security data points per day and the analysis of more than 400,000 mobile apps from the Google Play app store. We tested these apps using our dynamic analysis system that automates and scales the analysis of mobile apps using real devices to test for high risk security problems.
What are high risk mobile app security flaws?
We define high risk security flaws as issues that expose data that a malicious individual could use to gather private, sensitive information and/or monitor a user’s activity. The report categorizes high risk issues as follows:
- Sensitive Data Issues: Leaking personal user data over the network
- Network Issues: Sending communications over the network without proper encryption
- File System Issues: Exposing data through improper file permissions
The chart below illustrates the percentage of Android apps overall that include these security issues. Out of all the mobile apps we tested, 13.3 percent had file system issues. The prevalence of sensitive data leak and network issues in all mobile apps was 10.7 percent and 3.8 percent respectively. To read more about the mobile security trends we’ve identified and findings across five popular app categories, including Business, Finance, Games, Shopping, and Social, download the report now.
- December 17, 2015 Finding Mobile Vulnerabilities at Scale