Learn where AI is hiding in your mobile apps

AI local files are data files containing pre-trained AI models, weights, configurations, or other essential information needed to deploy AI systems within an app. Identifying the AI files included in the app package or downloaded at runtime reveals the frameworks used (e.g., PyTorch or ONNX), offering insights into the app’s AI infrastructure. These files can also indicate whether the app is susceptible to model-related vulnerabilities or if it is using proprietary models without proper authorization. Ensuring these models are up-to-date, securely stored, and compliant with licensing agreements is crucial to prevent legal issues, security breaches, and loss of competitive advantage due to intellectual property theft. Outdated or unauthorized models can expose the app to attacks like prompt injection, infringe on intellectual property rights, and pose risks to functionality, user privacy, and the business—including financial losses and reputational damage.

AI endpoint URLs represent connections from the app to AI services hosted externally from the mobile device. The presence of these URLs indicates that the app may be transmitting or receiving data related to machine learning (ML), natural language processing (NLP), image recognition, predictive analytics, or other AI tasks. This data exchange can involve sensitive user information being sent to third-party servers, raising potential privacy concerns and regulatory compliance issues. If an app communicates with well-established domains like openai.com or aws.amazon.com, it is more likely relying on reputable platforms with strong security measures. However, communication with lesser-known or unsecured domains may expose user data to unauthorized access or misuse.

AI endpoint URLs represent connections from the app to AI services hosted externally from the mobile device. The presence of these URLs indicates that the app may be transmitting or receiving data related to machine learning (ML), natural language processing (NLP), image recognition, predictive analytics, or other AI tasks. This data exchange can involve sensitive user information being sent to third-party servers, raising potential privacy concerns and regulatory compliance issues. If an app communicates with well-established domains like openai.com or aws.amazon.com, it is more likely relying on reputable platforms with strong security measures. However, communication with lesser-known or unsecured domains may expose user data to unauthorized access or misuse.

Cloud-based AI, including LLMs and ML models, enable apps to perform advanced tasks by offloading processing to external infrastructure. However, this reliance poses risks to data privacy, particularly when sensitive user information is transmitted, potentially leading to unauthorized use, interception, or compliance challenges with evolving artificial intelligence and data privacy legislation.

On-device AI, including LLMs and ML models, provides benefits like local data processing, which can enhance privacy. However, these models may be vulnerable to reverse engineering, model-targeted attacks, and misuse, leading to significant risks for intellectual property, compliance, and liability.

Exposure of AI service API keys: Handling API keys in apps can be easily extracted by attackers, leading to financial risks, data breaches, and potential DDoS attacks. Unauthorized access to API keys can also violate terms of service, resulting in account suspension.