Most of us download useful or fun apps on our mobile devices without a thought to security issues. Apps aren’t dangerous, right? Unfortunately, that’s not so. There are two basic types of dangers. The app could be designed to install malware that steals data. If the device suddenly shows unusual battery, network or data storage use, it indicates the likelihood of a malicious app at work. Or the app could be poorly designed, with little or no concern for security of data or transactions. That seems to be the most likely scenario today.
It’s difficult to say just how widespread the problem is, partly because most of the studies are of apps on business systems. A recent study of business apps indicated that “More than two-thirds of the apps (67%) contained critical vulnerabilities. . . Stealing data from a smartphone usually doesn’t even require physical access to the device.” There are some differences between the apps designed specifically for business use (enterprise apps) and apps consumers use, but essentially app design is the same whether the apps are large or small, consumer or business. Therefore, the vulnerabilities are a concern for all of us.
Another recent disclosure is unsettling to many of us. We have felt smugly confident because we believed our iPhones to be secure. That assumption is being questioned by many security experts and the message is that Apple customers need to be careful, just like Android customers.
How is the layperson supposed to protect herself and her data and still enjoy the convenience and enjoyment of mobile apps? The experts have several recommendations:
This will keep you safer, but it is not an assurance of total security. Google has a good explanation of what they do to keep apps safe, but in spite of their efforts both Apple and Google post apps that are not secure. The best you can do is to watch for suspicious behavior, delete the app immediately and report it to the site where you downloaded it.
Be especially careful of gaming apps or apps that deal in virtual currencies like Bitcoin. Those apps are often found to be loaded with malware but they are not the only ones.
A recommendation that will be easy for most of us is adding mobile security to our devices. Most of the security suites we are already using have versions for mobile devices that can are easy to add. I added one to my iPhone recently and was pleased to see that it scanned my phone when I downloaded it and pronounced it clean of viruses and other malware. It has not interfered with the phone’s functioning, and that’s good news also.
Another easy but essential recommendation: update your apps frequently. Many of the updates are security patches.
Hint: when researching apps use words like “dangerous” and “insecure” and look at the hints at the bottom of the results page. Businesses are very concerned about apps that give incorrect information about customer usage and the word “fraud” is invariably associated with business issues.
The good news is that with a few sensible precautions, we can enjoy the opportunities mobile apps provide in our daily lives