NFL teams have redesigned their mobile apps to enhance the fan experience, both in stadiums and at home. Fans can turn to their smartphones for digital ticketing, live video streaming, in-seat concession ordering, contest participation and cutting-edge features like augmented reality. However, a NowSecure analysis shows most of these apps have privacy risks, especially on iOS.
The NowSecure team is gearing up for an incredible week at Black Hat USA 2019 in Las Vegas. We’re excited to join the 22nd annual top security event to connect on all things mobile app security research, development, tools and trends.
To help you build your agenda and make the most of your time at the conference, we’ve selected several key Black Hat briefings that focus on mobile device security, enterprise mobile appsec, DevSecOps and reverse engineering. We look forward to connecting many of you with our mobile application security experts at the conference through prebooked meetings and visits to Booth #674.
With most online traffic shifting to mobile, organizations are at risk of data loss due to risky mobile apps that have security and privacy vulnerabilities. Consult this infographic to see potential threats in mobile app code functionality, data at rest and data in motion and how to identify them with mobile appsec testing.
The attention surrounding GDPR has intensified public awareness and attention about data privacy issues like never before. This is especially true for mobile apps such as Facebook. As Facebook endures scrutiny over data collection processes, the company suffered a stock plunge and continues to lose users. Organizations can use GDPR as a privacy framework to shape steps to safeguard user data and privacy.
Session replay is a technique that allows app developers to view screenshots, screen recordings, and touch events of how a user interacts with an app. Depending on how this technique is implemented, it can have some serious impacts to a user’s privacy. Based on recent news event, Apple already has started to notify app developers that they should obtain consent and inform users if they are being recorded.
Amidst increasing concern over compliance with the Children’s Online Privacy Protection Act and data privacy, we tested 50 Android mobile apps for young kids for security and privacy risk. The findings show worrisome vulnerabilities in webview, network and Inter-Component Communication.