The company’s enterprise security arm HP Fortify conducted a series of tests on mobile apps that produced concerning results, almost every app is vulnerable.
Mike Armistead, vice president and general manager, Enterprise Security Products, Fortify HP confirmed that around 71% of the vulnerabilities were related to the server end of the mobile apps.
Most of the flaws found are common problems like SQL injection and cross-site scripting exactly as most popular web application vulnerabilities.
The study revealed that nearly 90% have at least one security flaw, the research evaluated 2,107 applications designed by 601 companies on the Forbes Global 2000 based on iOS.
The security specialists grouped the security vulnerabilities in four categories:
The problem of security for mobile apps is crucial especially for enterprises that have to manage also the promiscuous use of their mobile devices. The vulnerabilities found are easy to fix but there is a dangerous trend to underestimate them with serious consequences.
Despite the tests have been conducted only on iOS mobile apps, HP experts say that there is good reason to believe the same flaw exist for Android.
It’s time to increase security by design for mobile apps, there is the need to follow best practices in mobile app development to avoid that the mobile platform will became the hackers’ paradise.
(Security Affairs – Mobile apps, Security)