NOWSECURE UNVEILS FIRST AUTOMATED OWASP MASVS V2.1 MOBILE APP SECURITY AND NEW PRIVACY TESTING

NowSecure MARI is the industry’s first simple risk score based on millions of assessments that identifies third-party apps vulnerable to PII and IP exfiltration, supply-chain and MiTM attacks and sensitive data theft.

MARI Datasheet featured image 768X480
NowSecure Launches Mobile App Risk Intelligence Solution to Combat Threats to Customer and Employee Security, Safety and Privacy NowSecure Launches Mobile App Risk Intelligence Solution to Combat Threats to Customer and Employee Security, Safety and Privacy Show More
magnifying glass icon

New NowSecure MobileRiskTracker™ Live Benchmark Reveals 71% of Top 5,200 Most Popular Mobile Apps Have Security Issues and 68% Have Privacy Issues

Contact: NowSecure

Tel: (202) 240-7611

Email: [email protected]

For Immediate Release

September 15, 2021 - 9:55 am

Free Real-Time Portal Gives Organizations, Government and Media Industry-Specific Insight into the Security and Privacy Risks of the Mobile Apps They Build and Use

Chicago, Il September 15, 2021 — NowSecure, the leading standards-based mobile app security and privacy software company, announced the availability of a free online tool called MobileRiskTracker™ to share real-time mobile app security and privacy benchmarks. Now organizationes, government and media along with mobile app builders themselves can gain visibility into the risks lurking in the millions of mobile apps used every day.

The live MobileRiskTracker continuously monitors the top 5,200 mobile apps ranked by download popularity across 12 industry groups, with more apps and industry groups to be added over time. Key insights from the benchmark analysis where risk is scored for each mobile app on a range from 0-100, with 100 as high quality and 0 low quality:

  • The average risk score across ALL groups was a relatively poor 66/100, with 71% of all mobile apps showing security issues and 68% showing privacy issues.
  • The best overall scoring groups with an average score of 70/100 were HiTech Business Software and Energy.
  • The worst overall scoring group averages overall at a score of 61/100 were FinTech/InsurTech and Travel/Hospitality.
  • 131 of 5,200 total mobile apps transmit data to Russia, China, Hong Kong and other high-risk countries.

Organization and government users gain tremendous productivity tapping into the millions of mobile apps available in the Apple AppStore™ and Google Play™ across dozens of categories including organization, personal productivity, travel, expense management, emergency services and more. Thousands of organizationes and government agencies develop and ship mobile apps in the public app stores to better serve customers, tap new revenue streams and deliver innovative new experiences. But there are no central public resources available to assess the risks in those millions of mobile apps. Prior industry benchmark reports have shown as many as 85% of mobile apps have security vulnerabilities and 70% leak private data, while nearly all share data with multiple third-party services and transmit data all over the world. To help bring visibility to these issues and drive improvements across the industry, NowSecure has launched a free MobileRiskTracker as a real-time benchmarking tool for understanding ever-evolving security and privacy issues in mobile apps in the mobile app supply chain.

“While mobile apps dominate internet traffic and time spent online, very few organizations have any understanding of the inherent risks that may be in the apps they build and use every day,” said NowSecure CEO Alan Snyder. “We are providing this free public resource to help enterprise IT, security, compliance and risk teams who use mobile apps — and the mobile app builders who make them — to more effectively understand and manage mobile supply-chain risks and take action. We encourage all organizations using mobile apps to review their category benchmarks and all mobile app builders to see where they stand versus their peers.”

How the MobileRiskTracker from NowSecure works:

The NowSecure Platform conducts mass scale, real-time data analysis by continuously scanning millions of mobile apps in public app stores. NowSecure MobileRiskTracker aggregates this data anonymously to show relative security and privacy performance for the most popular mobile apps in each specific industry group.

  • Analyzes the most popular mobile apps in each of 12 categories: Travel & Hospitality, Healthcare, Pharmaceutical, Energy, Hightech Business, FinTech & InsurTech, Airline, Retail, Banking & Finance, Social Media, Automotive and the Gig Economy.
  • Performs over 600 security and privacy tests of each mobile app each time a mobile app update is released, dynamically testing on real devices to identify real issues and trace where data is transmitted.
  • Scores mobile app risk for the app group on a scale of 0-100 with 100 high quality and 0 low quality/high risk, retesting and aggregating every day while charting scores over time.
  • Shows the frequency and distribution of high, medium and low-risk apps within each industry category.
  • Maps countries where actual mobile data is transmitted, including high-risk countries such as China, Hong Kong, Russia and more as identified by the U.S. State Department.
  • Reveals the overall percentage of mobile apps with security and privacy risks within each industry group, including the top 5 most prevalent issues.
  • Identifies key risk issues such as attackers can take over mobile app, insecure network communication, leaks sensitive personal data like passwords and more.
  • Continuously monitors for mobile app updates and retests daily, recognizing that thousands of mobile apps are updated in the app stores each day and the potential of new risks in newly added features within each mobile app.
  • More mobile app categories and popular mobile apps will be added to the live benchmarking tool over time.

 Additional MobileRiskTracker benchmark insights by industry:

  • Pharmaceutical mobile apps had the highest security risk at 91% of all Pharma mobile apps with at least one security/privacy issue, followed by Energy at 84% and Automotive at 80%.
  • Gig Economy apps had the highest privacy risk at 91% of all Gig Economy mobile apps with at least one security/privacy issue, followed by FinTech & InsurTech at 80% and Pharma at 76%.
  • Retail apps have the highest number of apps that scored as high risk with 54% of all apps in the retail industry group, followed by Travel & Hospitality and FinTech & InsurTech.
  • Automotive apps have the highest number of apps scored as low risk with 27% of all apps in the automotive industry group, followed by FinTech/InsurTech, Healthcare and HiTech Business. 

The MobileRiskTracker from NowSecure is built on the cloud-based NowSecure Platform mobile app security testing solution for continuous testing in mobile DevSecOps pipelines and continuous monitoring of mobile app supply-chain risk in mobile app stores. 

Check out MobileRiskTracker today for free, request your free benchmark comparing your mobile app to the tracker, and learn more about mobile app risks here.

Media professionals who would like deeper access to the benchmark data for publishing can contact NowSecure at [email protected]

About NowSecure

Mobile apps define an enterprise’s digital presence and drive engagement with both employees and customers. However, the rapid pace of mobile innovation introduces security, safety and privacy risks that traditional risk management technologies often miss. By partnering with NowSecure to build a Mobile Applications Risk Management (MARM) program, organizations are better protected against the risks that plague the largely insecure mobile app ecosystem. NowSecure provides policy-driven progressive testing tailored to risk tiers, combining automated continuous assessments with expert Pen Testing as a Service (PTaaS) to pinpoint and remediate security, safety, and privacy issues. This approach shrinks the mobile app attack surface and accelerates app releases. Built on a foundation of industry standards by mobile security experts, NowSecure safeguards many of the world’s leading brands and their employees, partners and customers.

Posted by

NowSecure Mobile Security Advocate