According to a newly released study on application security, free iPhone apps are more likely to access your personal information.
This information comes by way of a report by research firm Appthority, which attempts to give a comprehensive look at real world scenarios that could compromise computer networks in the workplace.
Their App Reputation Report found that after examining the top 100 free applications on iOS and Android, iOS apps were more likely to commit risky behaviors like tracking your location and sharing personal information in your calendar without asking. This segment of the smartphone applications continues to be the most popular as it’s widely believed to be easier for developers to grow their audience and monetize their applications with free apps.
The report also goes on to note that 100% of the top 50 free applications in the categories of business, education, entertainment, finance and games on iOS were transmitting data to backend servers without any sort of encryption at all, while only 92% of Android applications in those same categories were guilty of the same thing. Transmitting data without encryption leaves the data of the app’s users potentially more susceptible to someone other than the application developer and the user getting ahold of that data. That lack of encryption also becomes a bigger problem when there’s more of your information to share. Results shared in the study show that 60% of iOS applications have access to a user’s calendar too.
We’re not ready to throw down the proverbial security gauntlet just yet. As the chart below shows, only when it comes to access of user’s contacts and calendar does Android not come within 20 points of matching iOS apps participation in these risky behaviors. Additionally Android apps that use single sign-on systems from Facebook and Twitter outnumber those on iOS by two full percentage points. While these systems are convenient for users, potential data thieves need to only gain access to only one account to comprise data from anywhere that account is being used.
Still, these statistics could spell the end to a long held belief that Android is more of security risk due to the nature of its freely available code and because the Google Play Store is open to submissions from all developers and not curated in the way in which iOS and Windows Phone are.
As smartphones continue to make their way into the workflows of companies around the world, reports like this one are meant to act as a warning beacon for usage scenarios that could lead to stolen data and intrusions info corporate networks.