New research regarding threats and vulnerabilities in mobile apps has found that iPhone and iPad users are not as secure as they might imagine, leaving their private data at risk. According to a report which was published this week, an alarming number of iOS apps are at risk.
It was found from Positive Technology, which conducts a yearly analysis of application security, that about 38% of Apple iOS apps contained some critical vulnerabilities. This compares to a slightly higher number of Android apps, being 43%, which can be categorized as a minimal difference. It also means that the security level of apps is roughly equivalent to both the platforms.
According to the researchers, most of the vulnerabilities were caused by loopholes in security mechanisms that creep in during the design phase of development; in 54% of the Android apps but 74% for the iOS ones.
Reports also say that “errors made by developers in designing and writing code for mobile applications” can create gaps in the protection and can also invite attackers to strike.
Insecure data storage was identified as the most common vulnerability by Positive Technologies study, found in 76% of apps and can also lead to attackers accessing financial information, passwords, personal data, and correspondence. Of these vulnerabilities, 89% were exploitable by malware. The report also warns that malware might ask the user for permission to access data and then send that onto the attackers without the user realizing it.
The report concluded that most of the discovered vulnerabilities originated due to a failure to think through security-related questions during the design stage. The report also recommends developers to have a methodical approach towards designing and coding. This should be followed by regular testing from day one of the software cycle. The advice applies not just for the iPhone and iPad users, but also to the Android users.