Consumers are getting more aware of the risks involved with giving away personal data to an service online. Financial information is among the top things customers want protected more securely than anything else. Even if things such as credit card and banking information is adequately protected, scammers can still make do with email address and passwords. Since so many people use one password for everything, a data hack can lead to an enormous amount of frustration. viaForensics, a security firm, tested many popular iOS and Android applications with its appWatchdog software and found many of them to mishandle customer information.
Take Foursquare for Android for example. Tons of people use Foursquare to check-in to locations they visit. However, viaForensics found that the Foursquare application, at least at one point, did not securely store passwords and didn’t encrypt user names or application data on each device.
Netflix for Android was found to not securely store passwords. It also didn’t encrypt user names or application data. A hacker could steal those passwords and have no trouble testing that password against other services that user is associated with.
Non-official apps such as the Starbucks Cards Manager were also tested. This app was found to not securely store credit card numbers in addition to leaving user names and application data unencrypted.
Some of these apps have already been updated from the time viaForensics ran its tests. It’s possible that they are secure now, but this is a testament to how exposed our data really is.