Data on Your iPhone, iPad Not as Safe As You May Think

The most popular free iOS apps are more likely to share your unencrypted data with third parties than the top free Android apps, according to a recent study from Appthority.

Android is the Wild, Wild West of mobile operating systems, where anything goes, and iOS is a walled, carefully-cultivated garden. That’s the common perception, at least—one that a recent study challenges.

Each and every one of the top 50 free iOS apps sent data to and received it from outside parties without encryption, compared to 92 percent of the top 50 free Android apps, according to Appthority’s February 2013 App Reputation Report (a free PDF download).

Apple App Store logo

The study also says 60 percent of the top 50 free iOS apps track user locations; 60 percent share data with advertising or analytics networks; and 54 percent can access contacts. A small percentage (14 percent) can access calendar information as well.

The top 50 free Android apps weren’t too far behind their iOS rivals, with 42 percent tracking location and 50 percent sharing data with ad networks and/or analytics companies. But only 20 percent of the top 50 free Android apps access contacts and none get calendar data.

The report looked at five categories of apps: Business, Education, Entertainment, Finance, and Games. Among the categories, Entertainment apps "exhibited the highest number of risky behaviors," especially in relation to location tracking and data sharing with ad networks/analytics companies. Education and finance apps are the least risky overall.

The 2013 study shows that iOS apps "had even more access to data" than the apps in its July 2012 iOS report. Appthority says the trend will continue to increase for both iOS and Android as "developers seek ways to monetize free mobile apps."

None of the apps showed signs of increasing user exposure to mobile malware. But malware infects less than one percent of all apps, Appthority says. "The real concern should be over how mobile apps are handling personal info and company data," the report states.

The study also highlights a problem Appthority hopes help identify and manage: mobile app risks for enterprises. It’s a legitimate concern—one that has been raised before.

In February 2012, in fact, Apple got into hot water over how some iOS apps were leaking data, including personal contact info. The company responded by changing its rules for developers regarding app behavior and adding a new setting, Privacy, to iOS 6.   

App risks are also worth consideration because of the current BYOD trend, even though some predictions suggest it will decline this year. And consumers are downloading more apps than ever before, with Apple claiming roughly 20 billion of the total 40 billion app downloads in 2012. Not surprisingly, many of those downloads were free apps.

If nothing else, the Appthority study should be a useful reminder for anyone with a smartphone or tablet: There is no such thing as a totally free app

NEW! Download the State of the CIO 2017 report