Tag: inapp | SpinSafe

In-app mobile browsers pose hidden privacy risks

August 26, 2022/in Mobile Security

The browsers built into popular apps like Facebook and Twitter provide convenience for users looking to read a page — but also open them to broad privacy and security risks, as recent reports have highlighted.

The big picture: In-app browsers allow mobile users to follow links and read web pages without having to switch out of the app they’re using. But it’s difficult to audit who ends up with the data trails this browser activity creates — and that personal information could end up in the hands of the app maker.

How it works: Both Apple (iOS) and Google (Android) say they apply the same rules to in-app browsers that they apply to any other part of an app that they distribute in their app stores: Both companies require app makers to disclose all information they collect as part of their privacy policies.

Google also says it looks for data collected via in-app browser as part of its automated scans of apps submitted to the Google Play store.
Apple’s policies also prohibit particularly egregious abuses, such as surreptitiously discovering passwords or other private data.

Driving the news: Security researcher Felix Krause published a series of findings recently — including a report on TikTok last week and an earlier look at Instagram and Facebook — suggesting that many in-app browsers contain code that gives the app owners the ability to monitor what users tap, click or type.

Between the lines: App developers have the potential to collect more user information when they make use of an in-app browser to open links — and that could lead to more hidden data collection and heightened security risks, experts tell Axios.

Simple modifications to in-app browsers could easily allow platforms to track when someone types, clicks on a link or taps the screen, said Nick Doty, a senior fellow focused on internet architecture at the Center for Democracy and Technology.
This is true of all browsers, but with in-app browsers, users typically don’t realize that they’ve shifted into a different environment that might have different data collection practices — they might just think they’re using their default mobile browser, like Safari or Chrome, Doty told Axios.

Yes, but: It’s hard to say…

Source…

DoorDash Announces New In-App Safety Tools For Delivery From Harlem To Hollywood

November 3, 2021/in Mobile Security

Today, DoorDash announced the launch of SafeDash™: a new in-app toolkit powered by the security professionals at ADT.

ADT is the most trusted name in security, to help Dashers feel safe and give them greater peace of mind.

Dashers from Harlem To Hollis will begin seeing this in their app this month, with the feature available to 100% of U.S. Dashers by the end of the year.

The new in-app Dasher safety toolkit is launching with two new features while DoorDash continues to develop and build more resources that speak to the Dasher experience:

Safety Reassurance Call

In the event that a Dasher feels unsafe in a situation, they can quickly and easily connect with an ADT agent through the Dasher app. ADT will call the Dasher and remain on the phone until the Dasher feels safe. If the incident escalates, and the Dasher is unresponsive for a period of time, ADT will contact 911 to request an emergency response to the Dasher’s last known location, based on GPS from their smartphone.

Emergency Assistance Button

If a Dasher is ever in need of emergency services, they can easily swipe a button within the Dasher app for assistance. ADT will then contact 911 on the Dasher’s behalf, discreetly remaining in contact with the Dasher by text message. ADT will be able to pass along critical information such as their location, which will be shared directly with emergency responders. This also enables a Dasher to get help from 911 silently, providing additional information to ADT without needing to speak on the phone. Information on the incident can then be shared with DoorDash so we can reach out to the Dasher involved to provide support and follow-up.

To ensure Dashers feel comfortable using SafeDash, DoorDash is planning virtual Dasher education resources, direct communications, educational materials, and in-app guidance.

“Any New Yorker can understand that things move fast in the city,” said Johnny Marrero, a Brooklyn-based Dasher. “You have to be aware of your surroundings at all times — which is why I’m always thinking about ways I feel safe while making deliveries, especially at night. SafeDash means I’ll feel more confident having a 24/7 dedicated resource at my…

Source…

Survey: Mobile Users Want Vendors To Focus on In-App, On-Device Security

September 30, 2021/in Mobile Security

A recent survey of mobile users found a majority want app publishers to ensure high levels of in-app and on-device security.

The survey, How CISOs Can Meet Consumer Expectations of Mobile Security in 2021, includes response from some 10,000 mobile users worldwide. It was commissioned by Appdome, a provider of a no-code mobile security and development platform.

“I think the biggest takeaway is that the vast majority of consumers are NOT willing to trade features for weak functionality, “ Appdome CEO Tom Tovar told IDN.

“According to the data, roughly two-thirds of consumers value mobile app security as much or more than they do features. This means that what CISOs and security professionals have been saying for years has strong support from consumers: Mobile apps must be secure,” he added.

Tovar adds that the survey presents data that “flips the script” on conventional thinking about mobile apps – in other words, no longer are new features worth compromising on security. The survey is “making it clear that mobile app security and malware protection are on par with other critical features in the mobile app experience demanded by [consumers]” Tovar added.

The survey results also provide CISOs “key insights into which mobile app threats consumers fear most,” Tovar said. Noted.

Photo by Dan Nelson on Unsplash

Among the most notable findings are:

Finding #1; Many consumers feel quite strongly about the need for mobile security

73% would stop using a mobile app if it left them unprotected against attack
74% would stop using a mobile app if their app was breached or hacked

Nearly half (46%) said they “would tell their friends to stop using an app if their app was [breached] or hacked,” the survey reported.

Finding #2: Most consumers value security and malware protection as much — or more – as the latest, greatest features. This is in sharp contrast to the view of mobile app developers and publishers, who often say providing consumers the best features is most important — even if they have to sacrifice security.

In fact, the Appdome survey found it’s practically a dead heat between security…

Source…

Android study finds privacy and security risks related to in-app advertising – Engadget

March 20, 2012/in Mobile Security

TIME

Android study finds privacy and security risks related to in-app advertising
Engadget
These ad libraries pose security risks because they offer a way for third parties – including hackers – to bypass existing Android security efforts. Specifically, the app itself may be harmless, so it won't trigger any security concerns.
Researchers find privacy and security holes in Android apps with adsArs Technica
Mobile apps with ads called security riskUPI.com
Your smart phone may be at risk, say researchersTechFlash

all 100 news articles »

“android security” – read more

Tag Archive for: inapp