The growth of mobile apps seems unrelenting, with 248,701 brand-associated apps appearing in 2016, according to research by RiskIQ. That’s the equivalent of 5,805 mobile apps on average per brand.
Compared to last year, that’s growth of 63%. The number of feral apps, those residing outside of app stores, has increased by 165% in the past year, with the biggest growth taking place in financial services.
The research exposes a significant increase in risk to both consumers and organisations. As the mobile app store ecosystem evolves, organisations across financial services, media and entertainment, retail, travel and gambling face a challenging future when it comes to protecting their digital assets, brand and customers from the impact of cybercrime.
>See also: 3 in 5 Brits at risk from cyber attack through poor mobile security
Organisations must defend themselves against mobile threats by regularly monitoring where their apps are located, ensuring they only reside in their list of approved stores.
Brands also need to check for instances of impersonation or claimed affiliation across this app store ecosystem and make sure offending apps are taken down quickly.
No matter whether the company owns or is aware of fraudulent mobile apps, if a customer’s data is stolen or used maliciously the blame will automatically fall with the organisation. Being proactive in defence is crucial for protecting their reputation as well as confidential data of their customers.
Organisations also have a responsibility to help educate customers to ensure that they only download apps from trusted stores, such as Google Play or the Apple App Store, and to scrutinise the information about the app before downloading.
Unfortunately, it’s not uncommon for people to blindly click ‘accept’ on terms and conditions before even reading past the first sentence and on requests for permissions without considering if they are actually needed for the app to do its job.
When this happens with a copycat or compromised app, it’s pretty much guaranteed that the information gathered from the device will be used for unwanted purposes and more often than not, for fraud.
>See also: How to tackle the growing complexity of the mobile security landscape in 2016
There are three critical questions to ask of an app: does the developer name look valid? Is the app rated and, if so, is the rating good? And how many people have downloaded the app?
During installation they should pay attention to what permissions are being requested and whether they are reasonable for the app in question, and they should spend some time reviewing the license agreement, paying particular attention to how collected data will be used.
The app-economy is booming and will continue to do so. Savvy businesses will take advantage of this opportunity whilst ensuring they are monitoring and managing associated apps, just as they manage every facet of their digital footprint.
Sourced from Ben Harknett, VP EMEA, RiskIQ
