How Secure Are Apps On Your Smartphone Or Tablet PC?
As you know, very scary things can come in small packages. That smartphone or brand new tablet PC that you carry around on a daily basis may have a dirty little secret hidden inside of it. Over time, it will constantly acquire bits and bytes of personal data and confidential information about yourself, and it is also potentially waiting to divulge it’s entire contents to someone in a dark place that you’re not aware of. This is why mobile security is of vital importance.
Does that sound a little scary or what? But hang on, it gets a little worse. Your role in disclosing your personal information just may come down to the various apps that you are using. This can happen when you are accessing your personal bank, debit or credit card information, placing an order online, or performing just about any other routine or daily tasks you do on your mobile device. If you happen to have a poorly written app on your smartphone, even if it doesn’t have any malicious intent, and you happen to store any type of personal data on your mobile device, it makes it a potential ‘goldmine’ to virtually anyone who happens to gain access to your phone.
What Types Of Apps Are Susceptible To Security
• Apps that appear completely safe
• Apps that act benign
• Apps that usually follow some simple basic precautions (such as not even storing personal data locally on your device) or
• Apps not using a very high level of data encryption to protect your data, yet needs to store information locally on your device
Some of these apps have security holes or flaws in their code, that will allow others to be able to gain access to your stored personal data. There are also apps which have hidden malware code embedded in them from its origin.
Malware In Mobile Apps
You may think that you’ll be able to avoid all these security issue by sticking to just the recommended and well known app vendors and stores. The apps however, which are available from these platforms, or even carrier specific stores are not immune from malware. Even Apple’s iPhones are not exempt from this risk.
Apple recently removed from it’s store, a simple seemingly harmless application that would just turn the LED camera flash ‘On,’ so the iPhone could then be used as a flashlight. The app developer however, hid an 3G modem application within the application, that would allow individuals to use the iPhone as a modem from another device. Although technically, this wasn’t exactly malware, since the only thing the app did wrong was it violated Apple’s App Developers, ‘Terms of Service.’ But it illustrates that even these secure heavily guarded stores that monitors each and every app can potentially miss malware laden apps.
There Are Security Flaws In Apps
Security flaws, whether minor or major, come in every size, shape as well as form. In most cases, it is just usually a minor flaw, oversight or coding mistake by whomever developed the application. It could also be the OS that it runs on, that will put you and your personal data at risk.
There was a major bank a couple years ago, that had to inform all it’s customers that their mobile device banking app that they had developed for the Apple iPhone, was storing personal user data in hidden files, where it was possible that anyone who had access to their iPhone could gain access to their banking credentials.
Another type of security flaw are apps that can be utilized to gain access to personal secure data, or even completely take over your smartphone altogether.
For Example: There are some smartphone Web browsers on the market that can be used to download as well as install malware automatically. Some of these smartphones are actually shipped with pre-infected malware, that will not only affect the smartphone itself, but any PC or laptop that it may connect to as well.
Spyware On Your Smartphones
Not all of the smartphone security threats are hidden within an app. There are others that are divulged up front, directly in the ‘Terms of Service,’ that you agree to when you purchase the mobile device.
The ‘spyware’ on the TOS is usually written in small print, hidden in a very long, scrolling contract agreement that most never bother reading. But be assured, it is there, somewhere. In some cases, you will agree to allow your mobile device to divulge where your location is, or your personal contact information, as well as information on the apps that you are using. At times, you even allow them to monitor your texting.
App Stores and Vendors
At what sites on the Internet you get your apps is just as important as the function of the app itself. App stores are now everywhere, as they are all the rage. Because of sheer convenience, most do not even bother to check if the apps that they list are even safe or not.
Apple originally pioneered the safe secure app store, where every app submitted are thoroughly tested, before they are made available for distribution to the public. Apple will also require that all of the iOS apps be digitally signed, which will ensure that if an app is found to be ‘bad,’ it can be traced directly back to the developer.
Google’s Android apps however, allows for unsigned apps, but has additional security protocol and measures to protect against potentially rogue apps. An Android app is able to access any service on a smartphone, but it must ask for your permission first.
So it’s recommended that you NOT say, ‘Yes,’ sure, why not? go ahead to every request that comes from an Android app. You need to make sure that it makes sense for the app to gain that information.
For Example: Would an app that just manages your desktop background, really need to access your location information? Really? Most probably not, which may be a signal to you that the app is behaving badly, so beware.
How To Secure Your Mobile Device
If your smartphone or mobile device is provided by the company that you work for, they will generally be better controlled and managed by the IT department of the company, allowing just specific relevant applications be installed. But even if a smartphone’s security is already pre-configured, the users of these devices should still follow the same basic procedures that consumers follow.
How To Avoid Being A Target Of Identity Theft or Mobile Malware
• You should know exactly where your smartphone is at all times. Your smartphone which is stolen or misplaced is still the biggest threat to your personal secure data being breached
• Make sure that you understand how your smartphone or mobile device handles app security
• Never store sensitive personal data on your smartphone, especially if the information isn’t in some type of encrypted format
• Make sure that you enable password protection, ensuring that only you and you alone can turn on your smartphone
• If your mobile device supports ‘Automatic Data Wipe’ after a predetermined X number of unsuccessful attempts at your password, make sure that you turn that feature on
• Know exactly how to use the smartphones remote wipe function, and do not hesitate to use it
• Always be careful where you are downloading any type of app from (most especially the free ones)
• If you use a Blackberry device, make sure that you enable content protection, which will encrypt email messages, as well as all the other stored content. Your SD Media cards should be encrypted as well
• Always disable Wi-Fi and/or Bluetooth whenever you are not using it. Both of these functions can be used as an entry point to your device. When you disable Wi-Fi, that will also stop you from connecting to unsecured networks accidentally
Mobile Device Anti-virus Apps
Although presently, your mobile device may be the target of less threats than your desktop computer, the potential however is expanding at an exponential rate. As the entire mobile market is beginning to settle on just a few major Operating Systems to operate these mobiles, the unfortunate part is that there is more concentration on these particular OS’s as targets for malware.
You should be considering a mobile anti-virus app for your device, especially if you are a risky user.
What Is A Risky User?
• If you are continuously downloading apps left and right, just to try or test them out
• You routinely use your mobile device for banking or other financial activities such as online shopping
• You happen to store a lot of secure personal data on your smartphone
Then this would put you in the risky user category. You are also a risky user if you turn off the security features on your mobile because they are a nuisance, and get in the way when you are using your smartphone.
Always Proceed With Caution
As the current threat level of mobile device malware is rising, the risk will obviously continue to expand as the mobile device market grows. Creators of malware are beginning to realize that mobile devices are quickly replacing desktops as the primary source for the storage of important personal data, which also means that you should be more vigilant than ever.