This holiday season, shoppers are turning to mobile as a new way to hunt bargains, with sales via mobile devices nearly doubling – but nearly one third of shoppers polled commited basic security errors of storing identity and credit card data on their devices, and did not use security measures to protect it. Nearly 40% believed that the convenience of shopping via mobile outweighed the risk.
Half of those used no security protection whatsoever – despite the average spend this year via mobile totalling £260, across those polled. The poll was conducted by Tripwire, an IT security risk advisor.
Nearly two-thirds of U.S. consumers (59%) have no security software on their devices, according to the survey, conducted by OnePoll, which polled 1,400 consumers in the U.S. and the UK, according to eWeek. This holiday seeason, mobile shopping has increased 80 percent over 2012, with nearly 20 percent of sales coming from mobile devices, according to eWeek’s report.
In a survey of 1,000 consumers, 32% admitted that they stored bank or credit card details on their devices, but half of those did not use any security at all – even built-in security measures such as locks, never mind security software.
Perhaps most alarming of all, 39% of those polled believed the convenience of mobile shopping “overrides security concerns”.
Gavin Millard, EMEA technical director at Tripwire, said: “The results from our survey highlight the fact that consumers are still not recognising that cybercriminals are targeting mobile devices to collect personal information and for financial gain.”
ESET’s Threat Trends Predictions 2014, an annual report released this week, suggested that threats against Android would be a major theme of the coming year. ESET’s detections of such malware increased more than 60% between 2012 and 2013. This rocketing increase is not going to stop in 2014.
ESET Latin America’s Research Laboratory in Buenos Aires points out that malware afflicting Android now uses classic PC attack methods – the discovery of vulnerabilities, then their exploitation through malicious code.
Mobile commerce is growing at an extremely rapid rate – and apps targeting the holiday season are common on all mobile platforms. GigaOm reported that purchases via mobile had grown 187% year on year, according to a report by commerce platform Branding Brand, “According to Branding Brand, a mobile commerce platform for sites including Costco and Ralph Lauren, Black Friday sales on smartphone-optimized websites were up 187% this year. Not only that, but page views and order values increased as well.”
We Live Security advise using the built-in protection offered by your mobile platform, and good AV software, in a guide to Android security here, “Not having a PIN code on Android is like leaving your front door open – but if someone does crack the code (sometimes possible simply by turning a handset sideways and looking for greasy finger marks, or by using an ingenious robot), you can lock them out of important data anyway. Free apps such as App Lock allow you to put PIN codes on individual apps (such as Gmail, or Facebook), adding an extra layer of security, and giving you time to change passwords.”
We Live Security’s guide to secure Christmas shopping warns against some of the risks of using mobile devices, “When you are in the ordering process on a website, check to make sure it is using SSL, the standard in secure transactions – often shown by browsers as a little lock symbol.It’s far easier to do these checks on a PC, rather than smartphone or tablet browsers, so it’s worth sitting down, even if it is an impulse buy.”
Author Rob Waugh, We Live Security