Topics:

Appthority: 83% of the top apps have security risks

Free apps and games have the most problems, but paid apps are no guarantee either, report says
Tools

There's no such thing as a free app if you consider the potential costs around the security of personal information, based on the latest research from Appthority. The San Francisco-based mobile risk management firm's Appthority App Report for Summer 2013 analyzed 400 free and paid apps across both iOS and Android to come up with its conclusions.

  • Overall, 83 percent of the most popular apps are associated with security risks and privacy issues.
  • 91 percent of iOS apps exhibit at least one risky behavior, as compared to 80 percent of Android apps.
  • 78 percent of the most popular free Android apps identify the user's ID (UDID). Even though Apple prohibits its developers from accessing the UDID, 5.5 percent of the tested iOS apps still do.
  • 72 percent of the top free apps track the user's location, compared to 41 percent of paid apps.
  • 39 percent of paid iOS and 16 percent of paid Android apps still share data with ad networks.


According to Appthority's findings, free apps contained more questionable security practices than paid apps.

"The results confirm that while paid apps are less risky than free apps, users are by no means protected by only downloading paid apps," the report said, adding that Appthority found 78 percent of the top paid apps exhibited at least one risky app behavior. "It's clear that developers have seen the value that may come from collecting user data (and in many cases, selling that data) regardless of whether users have paid for an app or not."

Appthority is primarily using this research to help IT departments understand the potential threats facing their organizations if they don't deploy a service that helps monitor mobile app risks. For indie app developers pursuing the consumer market, this may not seem relevant. In an era where many companies are allowing personal smartphones to be connected to corporate networks as part of "bring your own device" (BYOD) programs, any app or mobile game that looks like a threat may be blocked in an office environment, which could seriously hurt a developer's chance at engagement and monetization. 

Thus, developers ought to ensure the data their app collects is presented as transparently as possible.

For more:
- to download the complete Appthority Report for Summer 2013, click here

Related Articles:
Google issues patch for major Android security flaw to OEM partners
Security hole reportedly imperils 99% of Android devices
Juniper Networks: Mobile malware threats explode 614% year-over-year