That is according to Arxan’s 5 th Annual State of Applications Security Report.
The report chillingly mentions the IBM Security/Ponemon assertion that 50% of organisations have zero budget allocated to assess mobile app security and 48% of consumers expect that their personal information is likely to be hacked within the next six months.
Consumers are concerned – 80% indicated that they would change service providers if an alternative app is more secure and more than 90% of organisations fear just that outcome.
According to Arxan if people actually knew how vulnerable their apps really were we should expect a mass exodus of customers fleeing to providers of more secure, trusted mobile apps.
Among the most prevalent OWASP Mobile Top 10 Risks identified among the mobile health and finance apps tested are: 1) lack of binary protection (98%) – this was the most prevalent vulnerability; and 2) insufficient transport layer protection (83%). These vulnerabilities make applications susceptible to reverse-engineering and tampering, in addition to privacy violations and theft.
Mobile app security is becoming an increasingly important decision-making factor for consumers seeking to do business with organizations they can trust to protect their privacy and provide robust security. For businesses with mobile apps, this means that security can be used as a competitive differentiator to help attract and retain customers.
While it’s clear why organizations should mitigate the security, financial, and brand risks associated with vulnerable mobile apps, it’s less clear what organizations and consumers should do to improve protection.
According to Arxan CTO Sam Rehman, “The impact for businesses and users can be devastating. Imagine having your mobile health app reprogrammed to instruct you to deliver a lethal dose of medication. Or imagine your mobile finance app draining your bank account by redirecting funds.”