Press Release

Intertrust Releases 2024 Security Report on Global mHealth App Threats

The report reveals critical threats to Healthcare apps based on the detailed audit of 100 iOS & Android mobile applications.

Report on Global mHealth App Threats

An audit of the top 100 Android and iOS healthcare apps revealed major threats, data leakages, cryptographic shortcomings, and other security breaches of healthcare mobile apps across the globe. These findings highlight the gaps in data security & pinpoint areas where massive improvement is required in the post-COVID 19 remote healthcare boost.

SAN FRANCISCO- September 29, 2020 - Intertrust is a leading company in application security solutions and digital rights management (DRM) technology. They released their 2020 Security Report on Global mHealth Apps. The crucial and invaluable findings showcased the vulnerability of mobile healthcare apps across the world. 71% of medical applications showed one critical shortcoming that could result in the breach of the user's medical data. The report put 100 global healthcare apps under the lens to study threatening mHealth security trends. Investigated apps ranged across various categories- COVID tracking, telehealth, medical device, and health commerce.

The most serious and prevalent issue was of Cryptography. About 91% of apps failed in at least one cryptographic test. Implying that the encryption used in most applications could be easily broken, increasing risk to patient's medical data. Such apps invite malicious hackers to tamper, steal, or use the data for personal use.

The study's conclusive findings revealed that the massive push to revolutionize remote healthcare apps in a COVID 19 world comes at the cost of mobile data security. 

Bill Horne, CTO at Intertrust and General Manager of Secure Systems product group commented on this "Unfortunately, there’s been a history of security vulnerabilities in the healthcare and medical space. Things are getting a lot better, but we still have a lot of work to do" He then expressed in a more positive note "The good news is that application protection strategies and technologies can help healthcare organizations bring the security of their apps up to speed."

The Intertrust security report on medical and healthcare mobile applications derived its findings on the basis of a detailed audit of 100 Android & iOS apps from worldwide organizations. All of the audited apps underwent a full host of Dynamic application security testing (DAST) and Static application security testing (SAST) based on the Open web application security project or OWASP mobile security testing. 

Some major highlights from the report: 

  • 91% of medical apps have mishandled &/or have inefficient and weak encryptions that substantially increase the intellectual property theft and put the user data at risk.
  • It was worrying to note that 85% of COVID 19 tracking apps leaked data. 
  • 83% of the discovered high-level threats could have been easily managed with the use of app protection technologies like tampering detection, code obfuscation, and white-box cryptography. 
  • Out of the tested apps, 71% showed at least one major soft spot in their security.
  • 60% of the tested Android apps were storing information in SharedPreferences, leaving data unprotected and unencrypted. Most applications had some issues with data storage security. 
  • 28% of iOS apps and 34% of Android applications are vulnerable to encryption key extraction.

Details on medical application protection can be found here

About Intertrust

Intertrust provides services and trusted computing products to consumer electronics, service providers, IoT manufacturers, mobile app industry leaders, and enterprise software platform companies. Products include software tamper resistance, the world's top digital rights management (DRM), and technologies to enable private data exchanges for many verticals including automotive, fintech, energy, entertainment, IoT, and retail/marketing. Founded in 1990 and headquartered in Silicon Valley with offices in London, Tokyo, Bangalore, Mumbai, Seoul, Beijing, Riga, and Tallinn. Intertrust has a renowned legacy of creative innovation and contributions in the area of digital trust and computer security. We hold hundreds of patents that are critical to privacy management components of OS, trust, internet security, trusted mobile code and network operating environments, cloud computing, and web services.
 

Aman Gaur
Written By
Aman Gaur
Aman, an IT Engineer, combines tech passion and cinephilia in his roles as a content writer and core marketing professional at MobileAppDaily. He crafts blogs, articles, PR, and devises content marketing strategies.
Want To Hire The Best Service Provider?
MobileAppDaily will help you explore the best service providers depending on your vision, budget, project requirements and industry. Get in touch and create a list of best-suited companies for your needs.

Latest Blogs

Press Release

Sofy.ai Launches ‘Visual Match’ to Enhance User’s Scriptless Testing Abilities, Providing Superior Testing Maintainability and Significantly Decreasing Test Flakiness

4 min read  

Sofy.ai, an advanced scriptless automation platform for mobile app testing, today unveiled Visual Match, a new feature set designed to eliminate the challenges associated with testing visual elements in mobile software applications. Visual Match augments Sofy’s platform by allowing software te

Press Release

Wizz Transforms Safety Into Self-Expression Through Partnerships with Yoti, Sight Engine, Webhelp and Besedo

4 min read  

Wizz, the social media app that provides teens with a safe space to meet and chat with new friends around the world, has announced its technology-driven “Safety Ecosystem.” Wizz has long seen a positive correlation between its efforts to keep users safe from malicious content and their i

Press Release

From Tutanota to Tuta: Unveiling the New Name

4 min read  

The name change also reflects Tuta's growing ecosystem: Since starting out as an encrypted email service in March 2014, Tuta has launched the first fully encrypted search tool (December 2017), the first fully encrypted desktop clients for private emails (December 2018), and the first encrypted c

Press Release

Tutanota launches into the age of quantum computing by building a secure Drive solution

4 min read  

Thanks to a €1.5 million grant from the German government's KMU-innovativ funding program, Tutanota is developing a cloud storage and file-sharing solution designed to provide secure encryption in the coming age of quantum technology: PQDrive. The funding from the German government wi

Featured Interviews

Interview

Interview With Coyote Jackson, Director of Product Management, PubNub

MobileAppDaily had a word with Coyote Jackson, Director of Product Management, PubNub. We spoke to him about his journey in the global Data Stream Network and real-time infrastructure-as-a-service company. Learn more about him.

MAD Team 4 min read  
Interview

Interview With Laetitia Gazel Anthoine, Founder and CEO, Connecthings

MobileAppDaily had a word with Laetitia Gazel Anthoine, Founder and CEO, Connecthings. We spoke to her about her idea behind Connecthings and thoughts about the company’s services.

MAD Team 4 min read  
Interview

Interview With Gregg Temperley, Founder Of ParcelBroker App

MobileAppDaily had a word with Gregg Temperley, Founder. We spoke to him about his idea behind such an excellent app and his whole journey during the development process.

MAD Team 4 min read  
Interview

Interview With George Deglin, CEO Of OneSignal

MobileAppDaily had a word with George Deglin, the CEO and co-founder of OneSignal, a leading customer messaging and engagement solution, we learn multiple facets related to customer engagement, personalization, and the future of mobile marketing.

MAD Team 4 min read