Overview of App Security Weaknesses
We examined the results of security testing 400,000 mobile apps and recorded the following prevalence of high risk security issues in those apps.
We identified at least one high risk issue in almost one in four mobile apps. Out of all the mobile apps we tested, 13.3 percent had file system issues. The prevalence of sensitive data leak and network issues in all mobile apps were lower than other issues at 10.7 percent and 3.8 percent respectively.
The chart below illustrates the quantity of issues found by type for the most popular apps on the Google Play store. We’ve defined popular apps as those with more than 1 million downloads. In total, we found 16,036 high risk issues among these popular applications.
This chart illustrates that mobile apps continue to leak usernames, passwords, and email addresses. This is particularly concerning because many users reuse the same username and password for different apps. The compromise of a user’s credentials for one app could easily lead to the compromise of another app or web account.