Almost 9 per cent of popular apps downloaded from Google Play interact with websites that could compromise users' security and privacy, according to a new study.
Researchers at the University of California, Riverside (UCR) conducted a large-scale analysis of URLs embedded in 13,500 free android apps downloaded from Google Play, in one of the first studies to analyse behind-the-scenes behaviours of good applications.
The apps which were tested were created by reputable developers and downloaded by many people, among them popular social media, shopping, news and entertainment apps.
Although apps connect to a complicated network of websites, both to function and generate advertising revenues, researchers said most users don't know their private information could compromised.
"We focused on a relatively neglected aspect of security research, which is the potential for good apps to leak personal information through the sites they interact with," said Michalis Faloutsos, a professor at UCR.
"A lot of people believe that if an app is popular or available on one of the big app stores then it must be safe, and we suspected that wasn't the case," said Faloutsos.
By developing and using a tool called AURA (Android URL Risk Assessor), the team identified more than 250,000 URLs accessed by the 13,500 apps, which they cross-referenced for trustworthiness using VirusTotal, a database of malicious URLs, and Web of Trust (WOT), a popular website rating system.
The researchers found that almost nine per cent of the popular apps interacted with malicious URLs, implicated in distribution of malware.
As many as 15 per cent talked to bad websites, with intentions that vary from harming devices, stealing confidential data or annoying users with spam.
They also found that 73 per cent talked to low-reputation websites (those receiving a Web of Trust rating lower than 60/100), and 74 per cent talked to websites containing material that is not suitable for children.
"I think the fact that 9 per cent of the good apps we analysed interacted with at least one website that distributes malware is very worrisome," said Faloutsos.
"The team plans to make AURA available for developers, researchers, android users, and distributors like Google Play," said Xuetao Wei, professor at the University of Cincinnati in US.
The researchers recommend users to limit the number of apps on their phones to those they really need and review new apps before downloading them.
"Reading the comments left by other app users is a good security practice that can help users make more informed decisions about what they put on their smartphones," Wei said.
Approximately 75% of emerging market SMEs surveyed report
that mobile has helped them grow revenue, become more efficient, and be more innovative. Plobal Apps also has a channel partner program that enables advertising agencies, digital marketing agencies, social media agencies and web development companies to create fully native apps on both Android and iOS mobile platforms for their clients using the company platform.
Plobal Apps, one of the fastest growing and most promising M-commerce startups in India, provides just the right solution with unique features that cater to the needs of the current market.
USPs:
- No technical knowledge or coding skills required
- Can build and publish apps in under 5 minutes
- Fully native apps for iOS and Android platforms
- Extremely affordable pricing plans
- Platform designed for multiple industries
Talking about the technology, Atul Poharkar, Co-Founder & CEO, Plobal Apps, said, "We have
built Plobal Apps with a vision of providing quick, affordable and easy app development solutions to SMBs. Today, every business needs a mobile app and we feel our platform will help SMBs break the barrier of technology and compete with the biggest names in the industry. This is a first of its kind attempt in India, as DIY apps industry is at a very nascent stage here. We look forward to revolutionizing the mobile app space in India.
