Positive Technologies has carried out a study on all the Android applications present on the Google Play Store and iOS apps on the Apple Store in order to reveal how many of them pose risks to user safety.
43% of Android apps contain some kind of vulnerability, while the percentage stops at 35% for iOS. The analysis continues by stating that 76% of these vulnerabilities relate to the unsafe storage of data, which means that passwords, financial and personal data are often easily accessible by malicious parties. The work to be dealt with by criminals would not even be so complicated, given that 89% of vulnerabilities discovered are accessible by malware already present on the “market”.
Focusing on the data concerning Android, it also turns out that 74% of the flaws concern the lack of security on the application side, while 42% on the server side or even a combination of the two. Finally, don’t think that the root worsens the situation much since most vulnerabilities seem not to require it in “allowing” access to sensitive data.
What is Google’s position? The company has long started a process to analyze and remove the applications that require permits not necessary for their correct functioning, but the main problem at the moment does not have a simple solution given that it is at the base.
In fact, the vulnerabilities are created by the developers themselves: the rewriting of the code, which can be tens of thousands of lines, is certainly not easy and therefore some errors are made. In your opinion, what could be the most effective solution?