State of Application security is worse than developers or users think
With the growing use of smartphones, most of the things we do via mobile apps. Most of the people do not think much before downloading an app. They just care about the brand name or suggestions given by friends. So, they have a general perception about the state of the app’s security. Most of the people think that they are using safe apps and their data is also safe on their smartphone.
The Same perception was found among developers. While many startups ignore Information security, developers think that their applications are safe. But actual data shows some dangerous results.
Arxan Technologies has published a report showing the actual state of security of mobile applications by analyzing more than 100 popular mobile apps. This report came with surprising data to show the perception and reality about the state of application security.
Around 83% users and 87% application executives believe that their mobile apps are secure. 22% application executives also think that every possible step have been taken to make the app secure, but only 54% could confidently say that app will not be hacked in next 6 months. 48% users also suspected that the app could be hacked within next 6 months.
This was the data based on perception. But reality check was hurting. Around 90% of mobile apps were vulnerable to at least 2 of the OWASP mobile top 10 risks. 84% apps had poor transport layer protection and 98% lacked binary code protection. The worst thing was that 50% organizations have zero budget for app security.
Check this infographic to better understand the whole thing.
Our recommendations for app users and app developers
While app users cannot do much from their side, they can still take few steps to ensure their security. As an app user, you should always download apps from trusted app stores and check the permissions app asks before installation. Try to avoid jailbreak and rooting to ensure the security of your device.
App developers should take care of proper testing. You should also ask for security budget within your company to hire a good penetration tester to ensure the security of your app.
Featured image source: Young woman screaming