The largest online retailers in the world offer their products through mobile applications that are used by billions of customers. As a result, nowadays 82% of internet users shop online through their mobile device, according to a Statista report.
When a mobile application handles personal and financial data, it is required by data privacy laws, such as the General Data Protection Regulation (GDPR) and the Payment Service Directive 2 (PSD2), to embed security capabilities that’ll enforce privacy by design and prevent data breach.
The Pradeo Lab looked into Google Play’s 38 most downloaded shopping apps, shredding them with its app security testing tool. The results show they overly process personal data and handle them in a poorly secure manner.