Google Play’s most downloaded shopping apps irresponsibly process users’ data

Posted by The Pradeo Lab on November 14, 2019

The largest online retailers in the world offer their products through mobile applications that are used by billions of customers. As a result, nowadays 82% of internet users shop online through their mobile device, according to a Statista report.

When a mobile application handles personal and financial data, it is required by data privacy laws, such as the General Data Protection Regulation (GDPR) and the Payment Service Directive 2 (PSD2), to embed security capabilities that’ll enforce privacy by design and prevent data breach.

The Pradeo Lab looked into Google Play’s 38 most downloaded shopping apps, shredding them with its app security testing tool. The results show they overly process personal data and handle them in a poorly secure manner.

 

 

Read More

SMS OTP Authentication: Not As Safe As You May Think

Posted by Roxane Suau on November 07, 2019

Most online transactions require a two-step authentication, and the One-Time-Password (OTP) sent by SMS is often one of those two steps. The purpose of an OTP is to prevent fraud by confirming that the person making the transaction and the credit card owner are one and the same. To do so, a temporary code is automatically sent by SMS to the phone number associated with the bank account used.

 

Read More

The Pradeo Lab identifies another app with Joker malware on Google Play

Posted by The Pradeo Lab on October 22, 2019

Update: The app “Int App Lock” has now been deleted from Google Play and added to global antiviral databases.

Joker is a malware that silently exfiltrates data and subscribes users to unwanted premium subscription. In September, the malware was found in 24 apps on Google Play. Last week, Pradeo researchers identified another infected application still featured on Google Play. The app called Int App Lock, a tool intended to lock access to some data with a PIN code, was installed on 10,000+ devices. Users are advised to immediately delete it from their device.

 

Read More

Pradeo launches a Private Secure Store solution to facilitate and expand safe BYOD usages for companies

Posted by Roxane Suau on October 15, 2019

After being awarded by Frost & Sullivan for best mobile security, Pradeo adds a new offer to its product line to address a strong mobile security need so far unanswered.

 

Read More

Rohde & Schwarz Cybersecurity and Pradeo launch a unified application security offer

Posted by Stéphane Saad on October 09, 2019

 

Press Release


Rohde & Schwarz Cybersecurity and Pradeo, leaders of IT security and mobile security respectively,
are shedding the light today on a joint offer, dedicated to protecting web and mobile applications
with an end-to-end approach.

 

Read More
All posts