So you have downloaded the latest taxi aggregator app. Have you every thought that how much secure they are. You share your details such as phone number, email id and location. But this data can go in some unwanted hands as 98% of these e-commerce apps are vulnerable to cyber security attack.
The question about the mobile app security becomes significant when most of the e-commerce portals are planning to shift to app only mode for transaction.
Flipkart’s fashion e-commerce subsidiary Myntra has already shifted to app only mode. Hyperlocal companies such as Swiggy or Grofers are predominantly app based. Flipkart’s 75 % transactions take place through mobile.
According to Appvisil study, most of the popular apps scored low on cyber security standards. They found more than 50 types of vulnerabilities. Some of the security vulnerabilities are of serious level.
“We performed the security analysis on Appvigil, which requires only the executable APK file of an Android app,” says Toshendra Sharma, Founder and CEO, Wegilant – Appvigil.
Your data can be easily leaked from the app as these apps don’t care for security vulnerability. The study found that many of these famous apps did not even follow basic app security protocols. Vishal Vivek, CEO of a Delhi-based web and mobile application based company SEO Corporation, says, “This is of serious concern as it risks your serious financial information. It will affect the reputation of these companies in the long-term.”
He further clarifies that even dating apps and fitness related apps are highly prone to hacking. It also carries important information about your interests and other important details.
Common cyber-security vulnerabilities
It hardly matters whether you have developed app in-house or from third –party. Vishal Vivek explains, “Common vulnerabilities lies in login phase, it allows users to create weak passwords, mishandling of sensitive information, such as it can store it locally and may transmit it over the network, malicious code injection that can divulge protected information.”
Mobile app vulnerabilities are mainly due to API abuse which are more common in mobile applications than web applications.
How to make your mobile app secured
“The average developer is not cyber security savvy. But developers must constantly update themselves with industry’s best practices, “says Ravi Guru raj, serial entrepreneur, angel investor and startup mentor.
Using mobile antivirus can also be effective to some extent. However, you should give the biggest attention on development phase. Developers should take care of cyber security standards during the app development process.
“Unfortunately, startups hire only marketing officers first, and security officers last. It should be the other way round,” says Ravi Guru raj, startup mentor.
Companies should never compromise with the security to save few bucks. It will harm their reputation in future.