Free Real-Time Portal Gives Organizations, Government and Media Industry-Specific Insight into the Security and Privacy Risks of the Mobile Apps They Build and Use
Chicago, Il September 15, 2021 — NowSecure, the leading standards-based mobile app security and privacy software company, announced the availability of a free online tool called MobileRiskTracker™ to share real-time mobile app security and privacy benchmarks. Now organizationes, government and media along with mobile app builders themselves can gain visibility into the risks lurking in the millions of mobile apps used every day.
The live MobileRiskTracker continuously monitors the top 5,200 mobile apps ranked by download popularity across 12 industry groups, with more apps and industry groups to be added over time. Key insights from the benchmark analysis where risk is scored for each mobile app on a range from 0-100, with 100 as high quality and 0 low quality:
- The average risk score across ALL groups was a relatively poor 66/100, with 71% of all mobile apps showing security issues and 68% showing privacy issues.
- The best overall scoring groups with an average score of 70/100 were HiTech Business Software and Energy.
- The worst overall scoring group averages overall at a score of 61/100 were FinTech/InsurTech and Travel/Hospitality.
- 131 of 5,200 total mobile apps transmit data to Russia, China, Hong Kong and other high-risk countries.
Organization and government users gain tremendous productivity tapping into the millions of mobile apps available in the Apple AppStore™ and Google Play™ across dozens of categories including organization, personal productivity, travel, expense management, emergency services and more. Thousands of organizationes and government agencies develop and ship mobile apps in the public app stores to better serve customers, tap new revenue streams and deliver innovative new experiences. But there are no central public resources available to assess the risks in those millions of mobile apps. Prior industry benchmark reports have shown as many as 85% of mobile apps have security vulnerabilities and 70% leak private data, while nearly all share data with multiple third-party services and transmit data all over the world. To help bring visibility to these issues and drive improvements across the industry, NowSecure has launched a free MobileRiskTracker as a real-time benchmarking tool for understanding ever-evolving security and privacy issues in mobile apps in the mobile app supply chain.
“While mobile apps dominate internet traffic and time spent online, very few organizations have any understanding of the inherent risks that may be in the apps they build and use every day,” said NowSecure CEO Alan Snyder. “We are providing this free public resource to help enterprise IT, security, compliance and risk teams who use mobile apps — and the mobile app builders who make them — to more effectively understand and manage mobile supply-chain risks and take action. We encourage all organizations using mobile apps to review their category benchmarks and all mobile app builders to see where they stand versus their peers.”
How the MobileRiskTracker from NowSecure works:
The NowSecure Platform conducts mass scale, real-time data analysis by continuously scanning millions of mobile apps in public app stores. NowSecure MobileRiskTracker aggregates this data anonymously to show relative security and privacy performance for the most popular mobile apps in each specific industry group.
- Analyzes the most popular mobile apps in each of 12 categories: Travel & Hospitality, Healthcare, Pharmaceutical, Energy, Hightech Business, FinTech & InsurTech, Airline, Retail, Banking & Finance, Social Media, Automotive and the Gig Economy.
- Performs over 600 security and privacy tests of each mobile app each time a mobile app update is released, dynamically testing on real devices to identify real issues and trace where data is transmitted.
- Scores mobile app risk for the app group on a scale of 0-100 with 100 high quality and 0 low quality/high risk, retesting and aggregating every day while charting scores over time.
- Shows the frequency and distribution of high, medium and low-risk apps within each industry category.
- Maps countries where actual mobile data is transmitted, including high-risk countries such as China, Hong Kong, Russia and more as identified by the U.S. State Department.
- Reveals the overall percentage of mobile apps with security and privacy risks within each industry group, including the top 5 most prevalent issues.
- Identifies key risk issues such as attackers can take over mobile app, insecure network communication, leaks sensitive personal data like passwords and more.
- Continuously monitors for mobile app updates and retests daily, recognizing that thousands of mobile apps are updated in the app stores each day and the potential of new risks in newly added features within each mobile app.
- More mobile app categories and popular mobile apps will be added to the live benchmarking tool over time.
Additional MobileRiskTracker benchmark insights by industry:
- Pharmaceutical mobile apps had the highest security risk at 91% of all Pharma mobile apps with at least one security/privacy issue, followed by Energy at 84% and Automotive at 80%.
- Gig Economy apps had the highest privacy risk at 91% of all Gig Economy mobile apps with at least one security/privacy issue, followed by FinTech & InsurTech at 80% and Pharma at 76%.
- Retail apps have the highest number of apps that scored as high risk with 54% of all apps in the retail industry group, followed by Travel & Hospitality and FinTech & InsurTech.
- Automotive apps have the highest number of apps scored as low risk with 27% of all apps in the automotive industry group, followed by FinTech/InsurTech, Healthcare and HiTech Business.
The MobileRiskTracker from NowSecure is built on the cloud-based NowSecure Platform mobile app security testing solution for continuous testing in mobile DevSecOps pipelines and continuous monitoring of mobile app supply-chain risk in mobile app stores.
Media professionals who would like deeper access to the benchmark data for publishing can contact NowSecure at [email protected]
As the recognized experts in mobile security and privacy, NowSecure protects the global mobile app economy and safeguards the data of millions of mobile app users. Built on a foundation of standards, NowSecure empowers the world’s most demanding organizations with security automation to release and monetize 30% faster, reduce testing and delivery costs by 30% and reduce appsec risk by 40%. Only NowSecure offers a full solution suite of continuous security testing for DevSecOps, mobile app supply-chain monitoring, expert mobile pen testing as a Service (PTaaS) and training courseware. NowSecure actively contributes and supports the mobile security open-source community, standards and certification including OWASP MASVS, ADA MASA, NIAP and is recognized by IDC, Gartner, Deloitte Fast 500, and TAG Cyber.