The state of vulnerability protection has improved since 2013.
But many Android apps still contain vulnerabilities.
Moreover, the increasing popularity of BYOD policies poses risks of corporate data leakage.
Although Android is among the most commonly-used smartphone OSes in Japan, its growth has exposed an unfortunate reality: the realization that security problems can exist even in ordinary apps has not yet been established as widely-appreciated common knowledge, both among developers of apps and by the corporations that use those apps.
Vulnerabilities in apps are security risks—arising when apps are developed with inadequate knowledge of security or insufficient attention to preventative measures—that pose risks of data leakage or data tampering. If these risks are neglected, organizations that outsource the development of apps may bear serious liability for flaws leading to data leaks, while organizations that develop apps in-house cannot rule out the possibility of leaks of confidential information.
In the two years since our previous report, we have redoubled research efforts based on our expert knowledge of Android app security.
Android Security Report, December 2015 version
The Android App Security Report, December 2015 Version reports the results of an analysis of current trends in app vulnerabilities conducted by SDNA using a sample collection of Android smartphone applications currently available on the market. This report presents the results of an analysis of app vulnerabilities in today’s Android apps—with a comparison to data collected two years ago—and discusses practical strategies for addressing vulnerabilities that developers may use to improve the security of their apps.