More than 80% of mobile health apps passed by the Food and Drug Administration have tested positive for 2 critical security susceptibilities, in accordance to a vendor specializing in anti-tamper protections for software.
Arxan Technologies analyzed that 84% of the mHealth apps tested did not adequately deal at least 2 of the Open Web Application Security Project (OWASP) Mobile Top 10 Threats.
Most of the apps were susceptible to application code tampering and reverse-engineering. Although, 95% of the FDA-approved apps lacked binary protection, which could result in privacy violations, theft of personal health data, and tampering.
Instated of compromising sensitive health data, the company alerted that such susceptibilities could lead to a health app being reprogrammed to deliver a lethal dose of medication. The FDA was not instantly present for comment.
The findings of Arxan were part of its fifth Annual State of Application Security Report, which involves an analysis of 71 of the most famous mobile health apps from the U.S., U.K., Germany, and Japan—with 86% of those apps discovered susceptible to at least 2 of the OWASP Mobile Top 10 Threats.
Health apps tested that were passed by the U.K. National Health Service did not fare much better than those passed by the FDA, as NHS did not accurately deal at least 2 of the OWASP Mobile Top 10 Threats, and 100% of the apps were discovered to be lacking binary protection.
Arxan also did an analysis of 238 mobile health app users, finding 78% consider their apps are “adequately secure,” and 50% are confident that “everything is being implemented” to secure their apps. At the similar time, 76% stated that they would change apps if they knew they were not safe or if they knew alternative apps were more protective.
Patrick Kehoe, chief marketing officer of Arxan, alerted that “in the rush to bring latest apps to market, agencies tend to ignore critical security measures that are proving serious to customer loyalty.”
No comments:
Post a Comment