Skip to main content
close search
site logo
Dive Brief

Almost all retail apps leak personal data, security firm warns

Published Jan. 7, 2020
Daphne Howland's headshot
Senior Reporter
Rohit Tandon via Unsplash

Dive Brief:

  • In a review of 250 popular Android mobile apps, including those of retailers, app security firm NowSecure found that 70% leak sensitive personal data, including names, usernames, email, phone numbers, geolocation, account numbers and device identifiers including serial numbers.

  • Retail apps are the worst offenders, according to the study, which was emailed to Retail Dive: 82% of brick and mortar retail apps "actively" leak sensitive data and 92% of online retail apps do. In fact, just 8% of online retail apps were not at risk for exposure of personal information, NowSecure said.

  • The safest apps are from financial and insurance companies, which NowSecure said is due to tighter regulation of those industries.

Dive Insight:

After uncovering such a high level of insecurity among commonly used e-commerce apps, NowSecure advises consumers to delete all retail apps from their phones unless they are certain of their safety.

“After extensive testing, NowSecure is issuing a global warning to the millions of mobile app consumers and businesses to temporarily stop using top retail and e-commerce apps,” the company said in an email to Retail Dive. “Millions of users operate under the false assumption that the apps on their phones are safe.”

The firm isn't alone in its warnings about laxity in retail cybersecurity. 

Fraud around loyalty programs, one of the most important ways to lock in customers, has risen 89% in a year​, per the Forter Fraud Attack Index report. Failing to protect such incentives is not only a financial headache for customers, retailers and financial services, but it can also drive consumers to more secure competitors, experts told Retail Dive. ​

Retailers themselves are also frequent targets, especially during their busy season. In the month leading up to the shopping holidays, there was a 400% increase in phishing activity, according to research from cloud-based security company Zscaler.​ Attempted cyberattacks against retailers rose 20% during the 2018 holidays, according to VMWare Carbon Black. Two-thirds of retailers reported being targeted by a ransomware attack in the past year, according to that report. 

Filed Under: Technology, DTC

Editors' picks

Company Announcements

View all | Post a press release
OluKai Opens First East Coast Location at Disney Springs, Florida
From OluKai
November 21, 2024
New Interface Report Reveals Top Security Risks for U.S. Retail Chains
From Interface Systems
November 19, 2024
ShoppinGenie Unveils Version 3.0: An AI-Powered Shopping Assistant Set to Transform Retail
From KanduAI
November 06, 2024
Muenster Milling Company Announces Ryan James as Chief Revenue Officer
From Muenster Milling Company
November 20, 2024
Editors' picks
Latest in Technology
image/svg+xml
Industry Dive is an Informa business
© 2024 Industry Dive. All rights reserved. | View our other publications | Privacy policy | Terms of use | Take down policy.
Cookie Preferences / Do Not Sell