Apps leaking credit card data on enterprise mobiles rose 17% in Q1

From Q4 2015 to Q1 2016 there was a 17 percent rise in apps and websites leaking credit card data on enterprise mobile devices.

Wandera's Mobile Data Report for Q1 2016 reveals this increase from Q4 2015 since the discovery of the CardCrypt security flaw in December 2015, which affected the mobile sites and apps of 16 global companies that transmitted users' credit card details and some passport information unencrypted.

Malicious domain access grew at a rate of 200 percent per month in Q1 2016. Almost three quarters (70 percent) of data from apps is encrypted, a 21 percent increase in 12 months. However browser encryption only grew by 13 percent, totalling the encryption level at 52 percent.

The top 10 apps by data usage on enterprise devices were also identified. Email and Safari represented the majority of data usage at 34 percent. Six out of the remaining eight apps are non-work-related, accounting for around 18 percent of data usage: Facebook (10 percent), Instagram (three percent), Twitter (two percent), WhatsApp, Spotify and Snapchat (all one percent). Video consumption dropped from 14 percent of domestic data to four percent when roaming, proving that employee education is working.

“The report illustrates that despite their best efforts in avoiding malware, for instance through identifying phishing attacks, users are unfortunately being caught unawares by compromised ad frameworks in trusted apps. Even the app owners themselves are not directly responsible for the adverts that may appear within their apps, as they come from the frameworks, so CIOs must help their employees with further detailed education on what may constitute a compromised ad,”said Eldar Tuvey, CEO of Wandera.