Privacy might be the strangest word in the world's shared lexicon today. Consumers are increasingly concerned about the privacy of their information. At the same time, consumers continue to agree to share more of their data regularly through apps and other digital technologies. Suffice it to say that this has become a complex discussion, but one that app developers and testers have a sole purpose to oblige and make sure software is not susceptible to information exposure.
"App managers must ensure their software is secure."
The debate between privacy advocates, consumers, government officials and businesses is one thing, but app managers need not get involved. Rather, they ought to focus on crafting apps that will not, under any circumstance, disclose data—or collect it for that matter—without being allowed to. This means protecting the apps from hackers, as well as glitches that can potentially lead to leakage.
IBM and Ponemon Institute's latest Cost of Data Breach Study showed that the average damages associated with information loss rose to $3.8 million between 2013 and 2014—a 23% increase. That, combined with the fact that privacy is a hot-button issue influencing the purchasing and downloading decisions of consumers around the globe, should be plenty to back the assertion that software quality assurance needs to cover security.
What Types of Mobile Data Are Shared?
Engadget recently argued that apps are sharing far more data than many would expect, and that consumers are giving up the rights to use that information at an accelerated pace. Unfortunately, some of the apps are actually funneling into a bigger range of domains than the user is aware of. What's more, this is more common than most would think, as Engadget pointed to a research team that found this issue to be widespread.
Here is a breakdown of some of the information that is being shared the most, according to the source:
- For iOS users, location data is being shared 47% of the time, names 18%, and email addresses 16%.
- For Android users, email addresses are requested by 73% of apps, and just under half demand a name.
Clearly, something needs to change here. Engadget noted that permission requests might be a good place to start refining app sharing practices, ensuring that users understand what data is being shared and where it is being sent.
User agreements are one thing, but software testing professionals will also need to ensure they are covering the threat of malicious code.
Malware Is Everywhere
TechTarget recently reported that the app security landscape is beginning to look a bit grimmer as time goes on, with several studies showing the enormous increases in malware prevalence. For example, a McAfee Labs report from 2015 that found six million new pieces of malware hit the web in just the final three months of 2014.
According to TechTarget, permissions, placement in app stores, public information related to vulnerabilities and more should be having a major impact on users' decisions to download or balk. From the mobile testing and development standpoint, this means that apps need to be built to succeed, should go through app monitoring for vulnerabilities, and be consistently reviewed as "safe" among users to truly reach full adoption potential.
There is simply no chance that this particular discussion will quiet any time soon, as mobile security and privacy concerns reach the mainstream.
How will you protect your apps from threats and privacy vulnerabilities?