Conference item icon

Conference item

A longitudinal study of financial apps in the Google Play Store

Abstract:
Apps in the FINANCE category constitute approximately 2% of the 2,000,000 apps in the Google Play Store. These apps handle extremely sensitive data, such as online banking credentials, budgets, salaries, investments and the like. Although apps are automatically vetted for malicious activity before being admitted to the Google Play Store, it remains unclear whether app developers themselves check their apps for vulnerabilities before submitting them to be published. Additionally, it is not known how financial apps compare to other apps in terms of dangerous permission usage or how they evolve as they are updated. We analyse 10,400 apps to understand how apps in general and financial apps in particular have evolved over the past two years in terms of dangerous permission usage and the vulnerabilities they contain. Worryingly, we discover that both financial and non-financial apps are getting more vulnerable over time. Moreover, we discover that while financial apps tend to have less vulnerabilities, the rate of increase in vulnerabilities in financial apps is three times as much as that of other apps.
Publication status:
Published
Peer review status:
Peer reviewed

Actions

Access Document

Publisher copy:
10.1007/978-3-319-70972-7_16

Authors

More by this author
Institution:
University of Oxford
Division:
MPLS
Department:
Computer Science
Role:
Author
More by this author
Institution:
University of Oxford
Division:
MPLS
Department:
Computer Science
Role:
Author


More from this funder
Funding agency for:
Taylor, V
Grant:
EP/P00881X/1


Publisher:
Springer
Host title:
Financial Cryptography and Data Security 2017
Journal:
Financial Cryptography and Data Security 2017 More from this journal
Publication date:
2017-12-01
Acceptance date:
2017-01-14
DOI:


Keywords:
Subjects:
Pubs id:
pubs:697658
UUID:
uuid:258dbd0a-983c-4bb2-884c-784f8db9d53b
Local pid:
pubs:697658
Source identifiers:
697658
Deposit date:
2017-05-30
ARK identifier:

Terms of use


Views and Downloads






If you are the owner of this record, you can report an update to it here: Report update to this record

TO TOP