How to Protect Yourself from ‘Risky’ Mobile Apps

Clueful

Free apps in the iTunes and Google Play stores are overwhelmingly riskier to your privacy and security than paid apps, according to new research. Which suggests the old adage is still true: When you don’t pay for a product, chances are you are the product.

It probably wouldn’t surprise CIOs, but I suspect many consumers download free apps without a second thought. In Appthority’s latest “App Reputation Report” (available as afree PDF download), there’s good reason to exercise caution. Here are some notable findings from the report:

  • Of the top 200 free iOS and Android apps, 95 percent “exhibited at least one risky behavior.” Risky behaviors, as defined by Appthority, include location tracking; accessing the user’s address book; use of SSO, or single sign-on (such as using your Facebook credentials to log into a non-Facebook app); UDID, or the practice of identifying the user; in-app purchasing; and sharing information with ad networks and analytics companies.
  • By comparison, 80 percent of the top 200 paid iOS and Android apps exhibited one or more risky behaviors. While that’s better than the free apps, 80 percent is still a high percentage.
  • Among free apps, location tracking was the most prevalent risky behavior, with 70 percent of free apps tracking the user’s whereabouts. Only 44 percent of paid apps used location tracking.
  • Free apps are more likely than paid apps to use single sign-on, share data with ad networks and analytics, and perform other potentially risky behaviors.
  • In general, iOS apps “exhibited a greater percentage of risky behaviors” than did Android apps. Statistically, 91 percent of iOS apps showed at least one risky behavior compared to 83 percent of Android apps.
  • However, Android apps access user identity (71 percent of the top 200) more than iOS apps. Even though Apple prohibits iOS developers from accessing UDIDs, 26 percent of the top iOS apps manage to do it anyhow. That’s an increase of 20 percentage points from Appthority’s summer 2013 report.

See Full Story on blogs.cio.com

Leave a Reply