As much as 40% of mobile applications vulnerabilities detected are related to unsafe handling of data, according to a new survey.
The Indusface Research Team conducted an in-depth testing around the top 10 mobile vulnerabilities listed by OWASP and found that 23% of mobile apps suffered from insecure data storage vulnerability, 17% were suffering from unintended data leakage vulnerability and 10% from weak server side controls. The team tested more than 100 mobile applications across a set of Indian companies and detected 21,000 vulnerabilities. This shows that enterprise mobile apps are extremely vulnerable to data leaks, report stated.
“The phenomenal increase in mobile usage has also increased the risk of vulnerabilities. Almost all the mobile apps we use today have access to all the data on a user’s phone, including business data, which can be extremely risky. Therefore, it has become critical for businesses to focus in a big way on mobile app security and find ways to protect their business critical information,” said Ashish Tandon, Chairman and CEO – Indusface.
An interesting finding of the survey was related to vulnerability of mobile apps on Apple iOS as against Android. Although a majority of security breaches and hacking incidents reported in the past have been on Android apps, Indusface Research Team discovered that some of the critical mobile apps on Apple iOS could actually be more vulnerable to security threats.
While the high level vulnerabilities were divided equally (50%) between the two operating systems, among the critical ones Apple iOS was found to be much more vulnerable at 67% in comparison to Android which stood at 33%, the survey said.