Warning! Mobile App Markets Are Not as Secure as They Claim

The web is flooded with more and more reports about personal data storages breaches. Global concerns about security measures are bigger than ever. 2016 was marked by the General Data Protection Regulation lawpack implementation. So, now it’s clear, that governments, businesses worry about their data as much as average users do. What is the problem? In this article, I’m going to reveal one of the most troubling aspects.

It’s In Your VPN

Virtual Private Network (VPN) is a software tool for mobile devices, which allows you to browse anonymously. All the recent concerns push people to use VPN applications as safety measures. Due to that trend, “VPN” search query became one of the most frequently asked in both Google Play Market and Apple App Store.

The fact is that hiding your data from one, brings it straight to another.

VPN services don’t use your device to decode data. They use servers for transit purposes. It means, that all your passwords and messages are in power of VPN  holding companies, but who are they? SImple research shows, that about 60% of such services are based in China. Does China fall under European GDPR jurisdiction? Certainly no. They actually have privacy policies, but they are not as detailed as they could be. That’s why there is no confidence in what they really do with our data.

Action - Reaction

How do Apple and Google react to safety measures drawbacks? And, what is more important, why do they allow problems to happen? Isn’t it dumb to set fire alarms after the fire?

The most recent 2018 scandal caused by Cambridge Analytica proved, that Facebook had exposed personal data. I won’t go into details, because we’re interested in the following events. Right after the scandal, Apple hurried to show its solicitude by deleting the Onavo VPN, which is owned by Facebook. It looks like measures like this are just acts of window dressing. Same goes to Google. They detected 85 harmful applications and deleted them right after their authority fell under potential danger. Play Market is actually a dump of frivolous pieces of code, which make up a lion’s share of all apps there. According to this, we can only conjecture how many more applications (especially VPN clients) are still there to collect our data.

Their rules are elementary. First, they argue to have progressive security mechanisms, then they shake their heads and delete apps saying it’s not going to happen again. It’s hard to believe, that some home-grown application developers have access to the most trusted marketplaces to distribute malware. There’s a huge breach in policies of software distributing corporations. They definitely confuse priorities. Big business admits controversial marketing methods, but average users mustn’t suffer. We don’t have a big choice of mobile operating systems as there are only two of them now, but they don’t seem to put security above financial growth.

It’s Only The Beginning 

This article is quite short and reveals only the tip of the iceberg. I can’t even imagine the real size of investigations needed to dot all i’s. Monopolistic attitude of Apple and Google make them too protected from undesirable eyes, so we can judge only by their actions. However, trust is undermined for an indefinite period of time. I’m strongly convinced, those powerful corporations, which take responsibility for our personal data must be able to identify malware before it gets delivered to anyone’s device.

Possible Solution

I suggest that Apple and Google should reconstruct their policies and make a more strict competitive selection of applications to be distributed via their app stores. Breaches must be fixed before data leaks.