Report Highlights Significant Mobile App Security Policy Violations - Placing Popular Social Network, Insurance Companies, Airlines and Their Users at Risk.
Troy, MI (PRWEB) August 22, 2013 -- RIIS, LLC, an IT services firm specializing in mobile application development and professional services, today announced they've published an Android App Security Index that ranks mobile applications according to their adherence to mobile security policies.
Of the 20 apps, the top 4 had no security issues identified but the other 16 had room for improvement. Scoring is based on how well the app developers mitigated these 10 mobile app security risks:
1. Insecure Data Storage
2. Weak Server Side Controls
3. Insufficient Transport Layer Protection
4. Client Side Injection
5. Poor Authorization and Authentication
6. Improper Session Handling
7. Security Decisions Via Untrusted Inputs
8. Side Channel Data Leakage
9. Broken Cryptography
10. Sensitive Information Disclosure
The leaders, those exhibiting care in mitigating these risks, in the report include:
• 2 national consumer financial institutions
• 1 national home, life and auto insurance company
• 1 government organization
These companies/brands have demonstrated a true understanding of mobile app security and have taken appropriate measures to secure their own data and that of their end users.
However, 5 apps were found to have room for improvement in mobile security. These include:
• 1 event ticketing retailer
• 1 national home, life and auto insurance company
• 1 major US airline
• 1 popular social network
• 1 national gas station
Notable risks include ability to recover usernames and passwords from some of these apps as well as user's messages and personal information in the remaining apps.
The Index, complete with the names of the apps studied and their issuing companies is available for download at http://www.DecompilingAndroid.com .
Along with the Index, visitors will find:
• Top 10 mobile app security risks and what they mean for app development.
• An overview of mobile app security that helps non-technical owners understand risks.
• Solutions for mobile app security including utilities to secure files, flag security risks and audit code.
###
About RIIS
RIIS is an IT consulting firm based in Troy, MI. Our primary service includes accelerated application development through visualization and automated tools for the web and mobile technologies. We help companies get the applications they need, faster! Industry experience includes software, eCommerce, advertising, defense, insurance, banking/finance, and telecommunications.
Contact:
(248) 351-1200
http://www.riis.com
Godfrey Nolan, RIIS, LLC, http://riis.com, 248-351-1200, [email protected]
Share this article