Mobile apps for LinkedIn, Netflix, Foursquare and Square have been found to significantly lack in security precautions according to an evaluation conducted by ViaForensics. The evaluation revealed that apps for these services do not adequately store user passwords, which are kept by the apps without proper (rudimentary) encryption. This basic flaw in the apps has put the users of these apps at a risk of financial or identity theft.
This is bad at a profound level, since storing data in plain text format is considered to be a grave violation of data security.
When Netflix was contacted about this flaw, they immediately responded by stating that they will modify their Android apps to secure the client information. Similarly LinkedIn has also indicated that it has taken up the matter and will be working to make the sensitive information more secure on their Android apps. However, both of these companies have failed to disclose as to when they would update their apps.
Square on the other hand has been the worst offender, more so because it directly deals with finances. On one occasion Square’s app “exposed a user’s transaction amount history and the most recent digital signature of a person who signed an electronic receipt on the app.”
You should be really concerned if you are using any of these apps from your iPhone or Android device, specially if you are a Square user.