Security Threats Present in Android Health Apps

Health apps are undoubtedly a great way to count calories, map your runs, or keep track of medications. Unfortunately they are also a great way for hackers to run away with your private information. Following are some security risks in some of today’s most popular health apps, and what you can do to protect yourself.

Why Do Hackers Target Health Apps?

Why are hackers interested in how many calories you burned or how many miles you walked, anyway? It turns out that many of the more complex health apps also store personal information, such as your address, medical history, and social security number. Unlike credit card information, this data cannot simply be changed or cancelled if stolen — and can fetch a ton on the black market. As a result, these apps are now a hot target for cyber criminals.

Read More: Cybercrime: The Most High-Profile Targets

What Risks Are Present?

A study done by Arxan, an application protection provider, found that 86% of health apps tested contained at least two major security risks, and 96% of tested apps were found to have a lack of binary protection. This means that hackers can easily reverse engineer the app’s binary code by inserting malware (malicious software) into it, resulting in confidential data theft.

The study also found 79% of tested apps to have insufficient transport layer protection, meaning essentially that network traffic is unprotected, making sensitive data, such as passwords, susceptible to interception while being exchanged. But perhaps the most alarming finding is from an IBM Security and Ponemon Institute research paper which shows that approximately 50% of organizations do not have budgets for advancing mobile security, indicating that making apps more secure is not considered a priority.

What Can I Do?

It’s important to also note that the selling of data collected through apps is NOT regulated. Unlike the information you give to your doctor, information collected through a health or fitness app is not subject to the privacy and security regulations of the Health Insurance Portability and Accountability Act (HIPAA). As a result, many health apps do not have privacy policies.

Also be aware that data is safer when stored in an individual device, as opposed to the cloud. Be sure to read app descriptions thoroughly before downloading, so you know exactly where your data will be stored.

For maximum protection, equip your phone with top notch antivirus and antitheft protection. PSafe Total provides antivirus software that received the highest possible score in AV Testing, and protects your Android against online threats and security breaches 24/7!