Smartphone Security Issues And The Potential Pitfalls

Smartphone Security Issues

Smartphones, with advanced computing ability and connectivity, have dramatically changed the computing landscape. Smartphones run complete operating system software that provides a standardized interface and platform for a large number of applications in the marketplaces such as the Apple App Store, Android Market, and Amazon App Store. Android Market is the most popular app store among commercial developers. Google Play is the premier store for distributing Android apps. Users can easily and quickly download new apps and games. This popularity of smartphone applications has drawn the attention of attackers. There are several demonstrated Malware attacks on the Android platform. Studies indicate that the number of malicious applications in app repositories has increased with increasing the rate of downloading apps. Therefore, Privacy and security of apps are important issues for smartphone users.

According to new research by University of New Haven’s Cyber Forensics Research and Education Group (UNHcFREG), “anyone who uses the affected applications is at risk of confidential data breaches. Depending on the app, user locations, passwords, chat logs, images, video, audio, and sketches can be viewed by people invading the user’s privacy”. Moreover, Ibrahim Baggili, assistant professor of computer science at UNH’s Tagliatela College of Engineering stated that “although all of the data transmitted through these apps is supposed to go securely from just one person to another, we have found that private communications can be viewed by others because the data is not being encrypted and the original user has not clue.” Unfortunately, most smartphone users believe that downloading applications from the app repository is risk-free or secure because of existing security controls in the app repository. Hence, majority of smartphone users ignore security messages during application installation due to the lack of security awareness. Therefore, educating users and enhancing their knowledge about the security practices is paramount. “They should learn to run security tests on their own”.

Although several security companies have introduced some security solutions for smartphones (e.g. anti-virus, firewalls, rootkit detectors, intrusion detection system (IDS), and other useful tools) that can be run on the smartphone and smartphone user can take these applications in online market, they cannot prevent attacks from inside caused by using implementation error or user unawareness. They can only prevent attacks from outside like malware. Therefore, users should adopt other security mechanisms to enhance security of their smartphone.

Jeon et al. (2011) conducted a study on smartphone security called A Practical Analysis of Smartphone Security and introduced three ways to keep smartphone secure. They are as follows:

  • Add-on application is easiest way. Smartphone users have to install appropriate applications (like anti-virus or SPAM filtering from appstore ) to their smartphone to increase smartphone security. In fact, this way can’t ensure security improvement.
  • System add-on means system updates. Platform manufacturer and application developer provide updates for their products and this update includes both improvement of functionality and security. So, smartphone users have to update their smartphone platform and applications periodically for smartphone security.
  • System modification is most expensive way to improve smartphone security, because it needs kernel configuration. However, this way can improve entire security of smartphone platform.”

In addition, application developers and smartphone users should adopt cryptographic technology (application and APIs) to enhance confidentiality and integrity in smartphones. In line with this idea, Baggili suggests that “the app stores should have enforced standards for personal messaging applications that enforce developers to use encryption on those apps.”

By Mojgan Afshari

Flexiant Tony Lucas

There Are Still Opportunities For Service Providers

Opportunities For Service Providers Service providers (SPs) still have a golden, but short-lived opportunity to commercialize the $266.4 billion cloud services market before AWS and others ...
Patrick Joggerst

Session Border Control as a Service: Faster, More Secure and Dramatically Less Complex Enterprise Communications

Session Border Control as a Service As businesses are increasingly moving to cloud-based unified communications (UC) for improved collaboration and productivity, they must also ensure ...
Atman Rathod

How APIs and Machine Learning are Evolving? 

Machine Learning Continues to Make API Development Better  For any developer, API or Application Programming Interfaces come as the helpful components to add valuable features ...
Hacker Cloud

Pandemic and Cybersecurity: Top Threats to Businesses

Pandemic and Cybersecurity The worldwide spread of the COVID-19 virus is coming to naught (or at least we hope so). But the impact that this ...
David Gevorkian

Why Web Accessibility is Important and How to Avoid Lawsuits

Why Web Accessibility is Important In today’s digitally driven world, those with disabilities are normally the ones experiencing difficulties when using and navigating the web ...
Mark Barrenechea

The Digital Era Moves Into The Information Era

We have entered the Information Era Building on the groundwork of automation, connectivity and computing power that defined digital, the Information Era is characterized by ...
Fog Computing.png