On the December 6th, one of fast-growing bike sharing services, Obike, a Singapore company, became a victim of a cyber-attack. According to the investigatory reports, the breach took place over the course of two weeks before it was discovered and dealt with. However, by the time that this breach was noticed and patched, it was too late.
As a result, the names and personal information of millions of Obike users were leaked online. This information included their names, contact information, location, and profile photos – all of which has now been uploaded to the internet for the world to see. Fortunately, no payment information was leaked – at least one good thing came out of this attack.
According to the Obike developers, this breach was made possible through their “refer-a-friend” service which had an overlooked security weakness. This has now been removed and they have improved their level of security.
Let’s Discuss the Status Quo of App Security
Society doesn’t realise the importance of app security. Perhaps in the past, a lack of security wouldn’t have made much difference, but think about it: the majority of us have smartphones and carry them around with us every day. We use our smartphones to check our emails, order stuff online, and text and call our friends and family.
Now, we take it for granted that since we download apps from a verified app store, the apps are automatically safe. This isn’t the case, don’t be misled. If you are entering your bank account details on your smartphone to order from Amazon, for example, and you have an app which has unknowingly become victim to a cyber-attack, your bank account information is at risk. For this reason alone, app security is important now more than ever.
- 87% of the top 100 paid iOS apps were breached.
- 75% of the top 20 free iOS apps were breached.
- 97% of the top 100 paid Android apps were breached.
- 80% of the top 20 free Android apps were breached.
Let’s face it, app security is nowhere near the standard that it should be and if we don’t take a stance and force these top apps to focus more on their security standards, more of our personal information is going to be leaked over the coming years and privacy will be almost non-existent.
How Hackers Can Hack App Data and How Developers Can Increase App Security
Hacking is a very complicated process and all hackers will approach breaches differently, so we won’t dig into that. However, for app developers, there are a few things that they can do which make it significantly harder for their apps to be hacked.
- Make security a key focus of your apps development. Client-side and server-side security should be one of your focuses.
- Add identity verification when personal information is being used so that no unauthorized persons can access other user’s data.
- Take advantage of different data encryptions so that your algorithms and any transferred data remain secure.
All in all, it’s incredibly important that developers start to focus on app security and over the coming months, we hope to see them take it more seriously and increase their standards.
How to Secure iOS Device from Privacy Leak
To avoid having your personal data leaked to unauthorized third parties, there are a lot of different things that you can try to do.
Way 1. Find My iPhone
For those of you who have an iOS device, activate the Find My iPhone service as this will add an extra layer of security to your device.
How-to: Go to “Settings > iCloud > Find My iPhone” and turn it on.
Way 2. Revoke App Permissions
There are some apps which will require additional permissions which other applications won’t typically require. Revoke these app permissions so that these apps don’t have as much authority over your personal data.
How-to: Go to “Settings > Privacy” and revoke the app permissions.
Way 3. Turn Off Auto-Fill
Using the auto-fill feature means that your personal data (including some account passwords) is stored deep in your device’s storage. This means that if your device becomes infected or an app is breached, hackers can retrieve the auto-fill information.
How-to: Go to “Settings > Safari > AutoFill” and turn off each option.
Way 4. Use a VPN
With a VPN app, your data is sent through different data centres, making it harder to intercept and protecting your online identity.
Way 5. Anti-Virus Software
In some cases, a hacker may upload an infection to an application’s server data. This results in everyone who uses this app to download the infection, putting their personal data at risk. By having anti-virus software, if an infection is downloaded then your device will detect and remove it immediately.
Way 6. Erase Data from Your Device Permanently
Another thing that you can do to increase your app security is erase all of your personal data whenever you are selling or getting rid of your device. By doing so, you’re making it impossible for hackers to get access to your data.
"However, even though both iOS and Android devices have built-in factory reset features, they aren’t preferable. This is because these features don’t fully remove your personal data and with the right tools, you’re able to recover the data that was removed – and so can hackers! This is why we recommend you use iMyFone Umate Pro iPhone Data Eraser."
Steps for Erasing Private Data from iPhone
Follow our 3 step guide below to discover how you can permanently remove data from your iOS or Android device, and significantly benefit your app security.
Step 1. Install iMyFone Umate Pro and connect iPhone/iPad.
Step 2. Choose erasing mode, like "Erase Private Data".
Step 3. Tap on "Erase" button and confirm.
Why Choose iMyFone iPhone Eraser?
- 5 erasing options to choose according to your need.
- The No.1 eraser that supports to preview and wipe 3rd-party apps data.
- Deleted files by iMyFone are no longer accessible even by FBI.
- Act as an iOS optimizer to make iOS clean and speed it up.
- Highly recommended by lots of professional sites, like MacWorld, iPhoneinCanada, APPKED, etc.
App security is more important than people realise. Even though smartphone applications are a very insignificant part of the mobile industry, they have a lot more control over your device than you first realise and if they have a security breach, your personal data may be at risk. Don’t take this risk and instead, take into consideration what we’ve told you above to secure your device as well as your data.