A longitudinal study of financial apps in the Google Play Store
Apps in the FINANCE category constitute approximately 2% of the 2,000,000 apps in the Google Play Store. These apps handle extremely sensitive data, such as online banking credentials, budgets, salaries, investments and the like. Although apps are automatically vetted for malicious activity before b...
| Main Authors: | , |
|---|---|
| Format: | Conference item |
| Published: |
Springer
2017
|
| Subjects: |
| _version_ | 1826263691962613760 |
|---|---|
| author | Taylor, V Martinovic, I |
| author_facet | Taylor, V Martinovic, I |
| author_sort | Taylor, V |
| collection | OXFORD |
| description | Apps in the FINANCE category constitute approximately 2% of the 2,000,000 apps in the Google Play Store. These apps handle extremely sensitive data, such as online banking credentials, budgets, salaries, investments and the like. Although apps are automatically vetted for malicious activity before being admitted to the Google Play Store, it remains unclear whether app developers themselves check their apps for vulnerabilities before submitting them to be published. Additionally, it is not known how financial apps compare to other apps in terms of dangerous permission usage or how they evolve as they are updated. We analyse 10,400 apps to understand how apps in general and financial apps in particular have evolved over the past two years in terms of dangerous permission usage and the vulnerabilities they contain. Worryingly, we discover that both financial and non-financial apps are getting more vulnerable over time. Moreover, we discover that while financial apps tend to have less vulnerabilities, the rate of increase in vulnerabilities in financial apps is three times as much as that of other apps. |
| first_indexed | 2024-03-06T19:55:51Z |
| format | Conference item |
| id | oxford-uuid:258dbd0a-983c-4bb2-884c-784f8db9d53b |
| institution | University of Oxford |
| last_indexed | 2024-03-06T19:55:51Z |
| publishDate | 2017 |
| publisher | Springer |
| record_format | dspace |
| spelling | oxford-uuid:258dbd0a-983c-4bb2-884c-784f8db9d53b2022-03-26T11:56:23ZA longitudinal study of financial apps in the Google Play StoreConference itemhttp://purl.org/coar/resource_type/c_5794uuid:258dbd0a-983c-4bb2-884c-784f8db9d53b*subject*Symplectic Elements at OxfordSpringer2017Taylor, VMartinovic, IApps in the FINANCE category constitute approximately 2% of the 2,000,000 apps in the Google Play Store. These apps handle extremely sensitive data, such as online banking credentials, budgets, salaries, investments and the like. Although apps are automatically vetted for malicious activity before being admitted to the Google Play Store, it remains unclear whether app developers themselves check their apps for vulnerabilities before submitting them to be published. Additionally, it is not known how financial apps compare to other apps in terms of dangerous permission usage or how they evolve as they are updated. We analyse 10,400 apps to understand how apps in general and financial apps in particular have evolved over the past two years in terms of dangerous permission usage and the vulnerabilities they contain. Worryingly, we discover that both financial and non-financial apps are getting more vulnerable over time. Moreover, we discover that while financial apps tend to have less vulnerabilities, the rate of increase in vulnerabilities in financial apps is three times as much as that of other apps. |
| spellingShingle | *subject* Taylor, V Martinovic, I A longitudinal study of financial apps in the Google Play Store |
| title | A longitudinal study of financial apps in the Google Play Store |
| title_full | A longitudinal study of financial apps in the Google Play Store |
| title_fullStr | A longitudinal study of financial apps in the Google Play Store |
| title_full_unstemmed | A longitudinal study of financial apps in the Google Play Store |
| title_short | A longitudinal study of financial apps in the Google Play Store |
| title_sort | longitudinal study of financial apps in the google play store |
| topic | *subject* |
| work_keys_str_mv | AT taylorv alongitudinalstudyoffinancialappsinthegoogleplaystore AT martinovici alongitudinalstudyoffinancialappsinthegoogleplaystore AT taylorv longitudinalstudyoffinancialappsinthegoogleplaystore AT martinovici longitudinalstudyoffinancialappsinthegoogleplaystore |