The HP study focused purely on custom business apps, but there’s no reason to believe the issue doesn’t extend to commercial apps you find in the Apple App Store or Google Play. Many apps have access to data or permission to perform functions they shouldn’t. […]
The security risks in apps go beyond permissions, though. There are issues in how the apps integrate with core functions of the mobile operating system, as well as how they interact with and share information with one another.
In the HP study, 97 percent of the apps contained some sort of privacy issue. HP also found that 86 percent of the apps lack basic security defenses, and 75 percent fail to properly encrypt data. Assuming similar percentages across the hundreds of thousands of consumer apps in the app stores, it’s likely that you have a few security or privacy concerns floating around your smartphone or tablet. […]
The mobile operating systems have improved in terms notifying users about the permissions an app is requesting and providing the user with more control to allow or block access to specific functions. But the system still puts too much burden on the user, both to know those controls exist and how to use them, as well as to understand the implications and security concerns of the apps.