MetaIntell Identifies Enterprise Security Risks, Privacy Risks and Data Leakage in 92% of Top 500 Android Mobile Applications
MetaIntell‘s Dynamic AppInterrogator Leverages Contextual Information to Identify Safe Applications for Download
Mountain View, Calif. – January 22, 2014 – MetaIntell™, the leader in intelligent cloud-based mobile risk management (MRM) announced today that after testing the top 500 Android applications using its next generation AppInterrogator™ product, it identified that approximately 460 of those 500 Android applications (available in apps stores such as Amazon, CNET, GETJAR, and Google® Play) create a security or privacy risk when downloaded to Android devices. MetaIntell undertook this testing as part of its test plan to validate its next generation AppInterrogator™ product.
“Access to personal data is what makes mobile applications uniquely useful and relevant to users,” said Chris Hazelton, research director for mobile and wireless, 451 Research. “In exchange for free apps, consumers are willing to share personal data with third party developers. Companies cannot afford to do this, and must control access to data on mobile devices – creating a real need for greater transparency and control of the apps that are available to employees from public app stores.”
What most people do not fully appreciate are the risks associated with downloading apps from the million plus Android applications available in app stores. Most users assume that applications are trusted if they are offered in an official app market. App stores typically make no guarantee about the trust worthiness of the products they offer. Most often applications are developed and hosted in the apps markets with no risk assessment. As MetaIntell has discovered, almost any application can become the source of serious threats. These threats can affect both the device and the intranets to which that device connects, and can have widespread and catastrophic results.
While the risks MetaIntell identified in its testing are across the board, we found that over 92% of the applications we tested used non-secure communication protocols while 60% communicate with domains that are blacklisted by a reputation service. Additional risks included developer reputation, content vulnerabilities and 20% of the apps tested had the ability to load external applications either locally or remotely – all without the express consent or knowledge of the user.
Digging deeper into the data, MetaIntell rated the risks so high on many applications that 42% of them should not be allowed onto any user device or enterprise.
So how can mobile device users and enterprises protect themselves from risky mobile applications? By not downloading applications that carry risk. MetaIntell offers a unique solution that prevents risk in the first place. “Threats occur where risk condition exist. Eliminate the risk and avoid the threat,” said Kevin Mullenex, CEO of MetaIntell.
In addition to offering its AppInterrogator to individual consumers for purchase, MetaIntell offers a version of the product specifically designed for operators of Android app stores. This cloud based solution verifies applications each time they are requested for download ensuring app store customers are protected. In providing customers with this service, app stores are alerted to apps that do not comply with their risk policies and they can take appropriate action to protect customers.
AboutMetaIntell MetaIntell is the leader in intelligence-led, mobile risk management (MRM) market space. MetaIntell provides a cloud-based service that interrogates mobile apps for malware threats, privacy risks, security risks and data leaks, and correlates the data with gathered intelligence to declare an app is In or Out™—before it is downloaded by a user. All of MetaIntell‘s partners and customers rely on MetaIntell‘s innovative solution as a key element in their product and service offerings, or mobile risk management strategy.