Many Popular Android Apps Leak Sensitive Data, Leaving Millions Of Consumers At Risk

From Forbes: Most of us operate under the assumption that the apps on our phones are safe and that we can use them to do the tasks they were designed for without putting us at risk. New research conducted by mobile app security firm NowSecure suggests that isn't the case. The company tested 250 of the most popular Android apps available in the Google Play Store and found that 70 percent of them suffered from vulnerabilities that could leave sensitive user data exposed. The findings suggest that millions of Android users could be at risk.

The findings show that vulnerabilities are widespread across nearly every category of application. However, online and brick and mortar retail apps are among the most vulnerable. Ninety-two percent of all online retail apps and more than four in five brick and mortar store apps are actively leaking sensitive customer information, according to NowSecure. Troublingly, one in six of the apps suffer from what the security company classifies as "high-risk" vulnerabilities.

One such app that was discovered to be leaking customer information belonged to Kohl's, a leading department store retailer in the United States. NowSecure's test of the Kohl's app, performed in the fourth quarter of 2018, found 17 vulnerabilities and privacy risks in the service. Researchers discovered that the app transferred sensitive data in plaintext, which would open up the possibility that an attacker would be able to identify and track a user or intercept their personal information. Kohl's has since patched the vulnerabilities and is no longer believed to be exposing user data.

View: Article @ Source Site