iOS Apps leak more user data than Android Apps

iOS logoAn analysis of transactions originating from devices protected by Zscaler security products reveals that iOS applications leak private user information in more situations than Android apps. The result of this study shows that the generally accepted theory of iOS being more secure than Android doesn't necessarily apply to the apps running on these two platforms.

According to data gathered in the last quarter, Zscaler says it detected around 200,000 transactions from a total of 45 million, where an app has leaked user data.

The type of leaked information includes personally identifiable information (PII) (user mobile number and email addresses), geo-location data (latitude and longitude coordinates), and device metadata (IMEI, MAC, IMSI numbers, Network, OS, SIM card information, manufacturer).

The biggest offender were iOS apps. Zscaler says it tracked 26 million transactions originating from iOS devices and their apps, of which 0.5 percent leaked user data, for a total of 130,000 operations.

The vast majority of the leaked data, 72.3 percent, was related to a user's device information. Additionally, 27.5 percent of transactions leaked geo-location coordinates, while only 0.2 percent of the apps exposed PII data.

70 percent of all the transactions that leaked private user data were traced back to iOS devices in China, and 20 percent to devices in South Africa. The US, the UK, and the Republic of Ireland made up the rest of the top 5.

iOS Apps leak more user data than Android Apps

When it came to Android apps, Zscaler says that from the 20 million transactions the company tracked, 0.3 percent leaked user data, or around 60,000 transactions.

Of these, 58 percent leaked device metadata, 39.3 percent leaked geo-location coordinates, and 3 percent leaked sensitive PII data.

Most of the leaky Android devices were located in the US (55 percent), the UK (16 percent), and China (12 percent).

The problem here is the potential for long-term threats. An attacker that taps into a company's traffic can gather large amounts of reconnaissance information over time, which he can later use in individually-targeted attacks such as spear-phishing, smishing, or denial of service (DoS).

Source: Softpedia

Tags: Android, iOS, security

Add comment

Your name:
Sign in with:
Your comment:

Enter code:

E-mail (not required)
E-mail will not be disclosed to the third party

Last news

Galaxy Note10 really is built around a 6.7-inch display
You may still be able to download your content
Facebook, Messenger and Instagram are all going away
Minimize apps to a floating, always-on-top bubble
Japan Display has been providing LCDs for the iPhone XR, the only LCD model in Apple’s 2018 line-up
The 2001 operating system has reached its lowest share level
The entire TSMC 5nm design infrastructure is available now from TSMC
The smartphone uses a Snapdragon 660 processor running Android 9 Pie
The Samsung Galaxy A5 (2017) Review
The evolution of the successful smartphone, now with a waterproof body and USB Type-C
February 7, 2017 / 2
Samsung Galaxy TabPro S - a tablet with the Windows-keyboard
The first Windows-tablet with the 12-inch display Super AMOLED
June 7, 2016 /
Keyboards for iOS
Ten iOS keyboards review
July 18, 2015 /
Samsung E1200 Mobile Phone Review
A cheap phone with a good screen
March 8, 2015 / 4
Creative Sound Blaster Z sound card review
Good sound for those who are not satisfied with the onboard solution
September 25, 2014 / 2
Samsung Galaxy Gear: Smartwatch at High Price
The first smartwatch from Samsung - almost a smartphone with a small body
December 19, 2013 /

News Archive



Do you use microSD card with your phone?
or leave your own version in comments (15)