Report and Index Highlight Significant Security Policy Violations – Placing LiveNation, Ticketmaster, Geico, Delta, Facebook and Speedway and their users at risk.
Troy, MI - RIIS, LLC, an IT services firm specializing in mobile application development and professional services, today announced they’ve published an Android App Security Index that ranks mobile applications according to their adherence to mobile security policies.
The Android App Security Index lists 4 leaders and also 5 apps that have room for improvement. Scoring is based on how well the app developers mitigated these 10 mobile app security risks:
- Insecure Data Storage
- Weak Server Side Controls
- Insufficient Transport Layer Protection
- Client Side Injection
- Poor Authorization and Authentication
- Improper Session Handling
- Security Decisions Via Untrusted Inputs
- Side Channel Data Leakage
- Broken Cryptography
- Sensitive Information Disclosure
The leaders in the Android App Security Index are…
- JP Morgan Chase with Chase Mobile App
- Wells Fargo with Wells Fargo Mobile App
- State Farm Insurance with Pocket Agent App
- IRS with IRS2GO App
These companies/brands have demonstrated a true understanding of mobile app security and have taken appropriate measures to secure their own data and that of their end users.
Room for Improvement
The following 5 apps have room for improvement in mobile security.
- LiveNation/TicketMaster with Live Nation App
- Geico Insurance with Geico App
- Delta Airlines with Fly Delta App
- Facebook with Facebook App
- Speedway with Speedway Fuel & Rewards App
Notable risks include ability to recover usernames and passwords from some of these apps as well as user’s messages and personal information in the remaining apps.
The complete Android App Security Index is available for download by clicking here.
Along with the Index, visitors will find:
- Top 10 mobile app security risks and what they mean for app development.
- An overview of mobile app security that offers non-technical owners understand risks.
- Solutions for mobile app security including utilities to secure files, flag security risks and regularly audit code.
RIIS is an IT consulting firm based in Troy, MI. Our primary service includes accelerated application development through visualization and automated tools for the web and mobile technologies. We help companies get the applications they need, faster! Industry experience includes software, eCommerce, advertising, defense, insurance, banking/finance, and telecommunications.