The mobile security company mediaTest digital continuously analyzes the situation on the app market and allows an exclusive look at its database at the turn of the year: How secure are our daily used apps really? How have the Corona apps fared in terms of data protection and what is the forecast for 2022?
Apps love user data – even beyond their necessity
The app analysis provides some frightening results: More than half of all apps (iOS: 54%, Android 64%) collect and process sensitive user data. “Since in the majority of these cases the processing of some data is not necessary for the functionality of the app, the question arises as to why the apps still collect this data,” comments Sebastian Wolters, CEO at mediaTest digital, critically on these figures. “Users should always ask questions if, for example, an alarm clock app also wants to access the photo album.”
Please confirm your email address!
Click on the link in the email we just sent you. Also check your spam folder and whitelist us.
More information about the newsletter.
Unencrypted transmissions are not uncommon
In this context, the experts were able to draw two further conclusions from their database. More than half of all apps continue to use external trackers and analysis tools to determine usage behavior. And that, although it was only in December 2020 that Apple wanted to put a stop to cross-app tracking with the introduction of the App Tracking Transparency function. In addition, 68 percent of all apps use no or only limited encryption methods for data transmission. It is therefore not surprising that a total of 71 percent of the apps checked disregard the requirements of the European General Data Protection Regulation (GDPR). The legally secure handling of the recorded user data can therefore not be guaranteed.
Corona apps: security level needs improvement
But some of the Corona apps, which significantly shaped the app market in 2021, also had security deficiencies. The Android version of the luca app accesses the list of all apps on the mobile device. The CovPass app also has to improve some of its access rights. One thing is certain: These means, which are so important for fighting the pandemic, must not undermine the trust of the citizens through questionable data processing.
What does this mean for companies in 2022?
The results of the App Security Report 2021 make it clear that apps used every day collect more user data than we realize. Everything indicates that data security will continue to be a focus in 2022. In particular, mobile companies that work with a large amount of sensitive data must be aware of the security problems associated with the use of apps. mediaTest digital therefore recommends a comprehensive security check before applications are used in the company.
The full App Security Report 2021 from mediaTest digital with all data and facts is available for download here.