App Genome Project a Gold Mine for Testers
Earlier this week, we learned that Citigroup’s iPhone app had inadvertently saved the personal information of its users – information that could have been used for evil had it fallen into the wrong hands. We’re talking passwords, account numbers and so forth. Happens all the time.
The story actually received a decent amount of media attention (not like Lindsay Lohan or the gator feeding frenzy, but still) which sparked a long overdue discussion on the security of mobile software applications…
Which is how we learned about The App Genome Project. Set to be unveiled by mobile security firm Lookout at this week’s Black Hat Security Conference, the project is described as “the largest mobile application dataset ever created.” It’s also a potential gold mine for mobile app testers looking for trends and data, but we’ll get to that in a minute.
First, here’s the stated goal of the App Genome Project:
“In an ongoing effort to map and study mobile applications, the App Genome Project was created to identify security threats in the wild and provide insight into how applications are accessing personal data, as well as other phone resources. Lookout founders John Hering and Kevin Mahaffey initiated the App Genome project to understand what mobile applications are doing and use that information to more quickly identify potential security threats.”
Very cool. Here’s what they’ve learned so far:
- 29% of free applications on Android have the capability to access a user’s location, compared with 33% of free applications on iPhone
- Nearly twice as many free applications have the capability to access a user’s contact data on iPhone (14%) as on Android (8%)
- 47% of free Android apps include third-party code, while that number is 23% on iPhone
Currently, mobile app testing is heavily focused on the functional/usability side of the equation. In other words, mobile app testers are more occupied with screen size, page load speed, UI layout and overall functionality across devices and carriers. But if these stats are any indication (and they most certainly are) we expect mobile security testing to become a top priority in the years ahead. As PCWorld recently noted:
“Apps are just a different form of software. They can crash, or crash the device they’re running on, or contain coding errors that can be exploited to access sensitive information. It doesn’t matter whether the apps are developed by third-parties or created in-house; the possibility exists that a flaw in the app could lead to a security breach of some sort.”
Which is why – as we’ve said 439,975 times before – professional mobile app developers NEED professional mobile app testers.
