According to eMarketer, the global e-commerce market is projected to surpass a staggering $3.5 Trillion within the next 5 years. As e-commerce slowly but surely makes its way to revolutionizing our lifestyles and businesses, it is imperative to understand not only the potential but also the security threats of businesses and individuals in this unpredictable evolving eco-system of mobile security in e-commerce apps.
Adding mobile to the equation
The introduction of mobile technology roughly about 30 years ago has taken the concept of convenience to another level. Mobile technology ever since continues to evolve every day and with the introduction of the mobile app world, it just seems like it couldn’t get any easier.
As consumers get more educated and inclined towards using mobile services each day, we observe a rather high rise in global mobile e-commerce transactions each year.
Criteo in their recent study revealed that more than 34% of global e-commerce sales were on mobile in 2015 and in the year 2016 is forecasted to be at 40%. This steep rise in only predicted to grow higher and will soon be a primary medium of shopping for shoppers around the globe
With large inflow and outflow of data and high volume transactions made on mobile each day, businesses are slowly realizing the importance of mobile security in e-commerce apps.
While security to channels of exploitation on web applications is given more importance, the lesser acknowledged mobile channel is becoming the new favorite hunting ground for hackers. The year 2014 alone records a total of over 1 Billion breaches from improper mobile security according to Breach Level Index.
Appknox’s analysis of mobile security in E-commerce apps
We put 500 of the top global E-commerce mobile applications through a rigorous automated testing process using Appknox (our in-house mobile app security solution). As a part of this security testing process, each application went through 14 different test cases.
All these tests according to security standards accepted globally are the basic security checks that each mobile application should ideally pass.
These checks help determine essential parameters like:
1. How data is being stored by the app
2. How much data is shared and accessible
3. The strength of security around payments made
4. Other possible loopholes that can lead to sensitive data leakages
5. And more.
To re-enforce the consistency in testing reports, we pushed these apps through a secondary scan maintaining a consistency in the reliability of data.
Our key findings:
100 top E-commerce apps were tested in each of the five regions.
1. 95% of apps fail basic security testing
2. More than 68% of apps had 4 or more loopholes present in them
3. 68% apps were diagnosed with threats of high severity
4. More than 95% of apps were detected with one of the top 5 threats
Is your business taking adequate measures?
IBM recently revealed in a study that the average data breach cost is approximately $4 Million. Mobile has opened many more pavements to cyber crimes and this number is only predicted to rise in the coming years.
As the world anticipates for a more convenient lifestyle through mobile, their subconscious demand for security only rises with every new app made or released.
Cybersecurity authorities in different countries are now also pulling up their socks and enforcing even more stringent laws against businesses who do not take adequate measures to protect their customer’s critical and personal data.
In fact, Singapore recently released PDPA which leads to a $1 Million fine to those companies in which data breaches have been detected. Such other laws also are being implemented and constantly updated in different countries. Regardless of these stringent cyber security laws or measures taken by businesses to ramp up security, hackers will always find a way past these barriers.
On the other hand, I’m sure we’re well aware that the e-commerce vertical is going to undoubtedly change the future of how we shop and mobile will further add to that convenience. We’ve seen some of the biggest e-commerce giants like Target, Walmart, eBay and more crumble to the smallest of security flaws. The addition of mobile to this equation only gives rise to additional channels of exploitation. Will the current measures for Mobile security in E-commerce apps suffice for a new wave of hackers that are gearing towards exploiting a bigger projected e-commerce market?
The war against cyber crime is a long one, it’s a never ending battle. The struggle will never end in victory but rather in suppression. It is evident through this report, that mobile security is needed now more than ever and the key to victory lies in the hands of those that proactively incorporate security into their overall business process strategies.