Press Release: Report Highlights Significant Mobile App Security Policy Violations

Report Highlights Significant Mobile App Security Policy Violations – Placing Popular Social Network, Insurance Companies, Airlines and Their Users at Risk.

Troy, MI - RIIS, LLC, an IT services firm specializing in mobile application development and professional services, today announced they’ve published an Android App Security Index that ranks mobile applications according to their adherence to mobile security policies.

Of the 20 apps, the top 4 had no security issues identified but the other 16 had room for improvement. Scoring is based on how well the app developers mitigated these 10 mobile app security risks:

  1. Insecure Data Storage
  2. Weak Server Side Controls
  3. Insufficient Transport Layer Protection
  4. Client Side Injection
  5. Poor Authorization and Authentication
  6. Improper Session Handling
  7. Security Decisions Via Untrusted Inputs
  8. Side Channel Data Leakage
  9. Broken Cryptography
  10. Sensitive Information Disclosure

The leaders, those exhibiting care in mitigating these risks, in the report include

  • 2 national consumer financial institutions
  • 1 national home, life and auto insurance company
  • 1 government organization

These companies/brands have demonstrated a true understanding of mobile app security and have taken appropriate measures to secure their own data and that of their end users.

However, 5 apps were found to have room for improvement in mobile security. These include:

  • 1 event ticketing retailer
  • 1 national home, life and auto insurance company
  • 1 major US airline
  • 1 popular social network
  • 1 national gas station

Notable risks include ability to recover usernames and passwords from some of these apps as well as user’s messages and personal information in the remaining apps.

The Index, complete with the names of the apps studied and their issuing companies is available for download here.

Along with the Index, visitors will find:

  • Top 10 mobile app security risks and what they mean for app development.
  • An overview of mobile app security that helps non-technical owners understand risks.
  • Solutions for mobile app security including utilities to secure files, flag security risks and audit code.


About RIIS
RIIS is an IT consulting firm based in Troy, MI. Our primary service includes accelerated application development through visualization and automated tools for the web and mobile technologies. We help companies get the applications they need, faster! Industry experience includes software, eCommerce, advertising, defense, insurance, banking/finance, and telecommunications.

(248) 351-1200


Speak Your Mind