Thousands of iOS and Android apps deliberately ignore SSL protection
Symantec research has shown that some 7% of iOS and 3.4% of Android apps disable SSL protection for connections with certain backend servers. The use of unencrypted channels threatens the safety of transmitted data, which may include confidential information.
Researchers at the Symantec division of Broadcom examined hundreds of thousands of applications from the App Store and Google Play catalogs between 2017 and 2020. They found that some developers deliberately build into their products the ability to disable SSL certificate validation, as well as the platform protections from Apple and Google that require the use of HTTPS connections.
In 2020, according to Symantec, there were about 600,000 apps in the App Store; among them more than 45 thousand (7.6%) were considered potentially dangerous by analysts. Currently, only 2.4% of programs on Google Play can be accused of neglecting SSL protection for connections.
Software for gamers tops the list of potentially dangerous applications by use. Second place in this ranking went to programs for conducting financial transactions, even though they handle much more sensitive information: identity cards and bank card data.
According to Symantec, the use of secure access points will help reduce the risk of data interception.
Source: anti-malware.ru
16 June 2021