The security of Google's Android operating system has been under scrutiny in the last few months. Now, a study by German security researchers reveals that some apps in the Google Play market are vulnerable and leak personal data.
[More from Mashable: ‘Password’ Tops List of Worst Passwords of 2012 [VIDEO]]
Researchers at the Leibniz University of Hanover in Germany studied more than 13,000 Android apps and, specifically how they responded to attacks targeted at their Secure Sockets Layer (SSL) and Transport Layer Security (TLS) protocols. These are tasked with encrypting data when it's moved across networks to avoid the so-called "man in the middle" attacks, when an intruder can snatch data as it's moved around networks.
[More from Mashable: Popular Android Apps Leaking Private Password, Credit Card Data]
The researchers found that 8% of the apps studied were not secure, leaving sensitive data like passwords and account information (including banking and credit card details) vulnerable and at the disposal of hackers snooping around. All a hacker would have to do to exploit this vulnerability is send out a certificate to communicate, which allows him to insert himself into a connection between two devices exchaning data.
There's no evidence that these vulnerabilities are being currently exploited and the researchers suggested some solutions that Google should implement to improve the security. One of the suggestions would be to check the apps and their SSL/TSL code before allowing them on the Play market.
To learn more about this study, watch the video above.
This story originally published on Mashable here.
- Technology & Electronics
- Secure Sockets Layer