What is the Eavesdropper Vulnerability and why is it making headlines?

In such a rapidly growing digital industry, the world of mobile apps still experiences a number of teething problems when it comes to privacy and data protection. There have been a number of cases over the last decade in which masses of information have been leaked or stolen from leading mobile brands. A recent revelation by Appthority has brought to light a vulnerability that could put hundreds of apps and millions of people’s personal data at risk.

As a leading authority in the world of data protection and mobile security, Appthority regularly monitors the digital mobile market for potential leaks and threats to consumer data. A recent article highlighted what is being called the Eavesdropper Vulnerability and outlined the risk posed to a large number of mobile apps across the Android market – if you have recently taken up an app development business opportunity, you’ll want to know everything possible about this potential security issue.

According to the research carried out, the vulnerability is present in up to 700 different apps and a large percentage of those are still active on devices across the world today. The issue is rooted in a coding practice that many developers have integrated into their products. Many coders that have used the popular Twilio Rest API made the decision to hard-code important data and personal credentials, leaving it at risk.

As it stands, Appthority estimates that the Eavesdropper Vulnerability is present on up to 180 million devices which poses a substantial risk for app users all over the world. The type of data which has been exposed includes sensitive information such as call logs, minutes of audio messages and content from SMS and MMS messages. This means that millions of people’s personal data could be at risk of exposure if the potential leak is not plugged.

After being made aware of the issue, Twilio has opened up communications with the app development community in order to work collaboratively towards creating a solution and fixing the issues. The communication platform provider already had already stipulated the potential risks of hard-coding data in its guidelines but has announced it will do more to make developers aware of the potential harm to consumers.

The Eavesdropper Vulnerability revelation serves as an important reminder to app developers looking to make their mark in the industry. Good coding practices are very important, especially in a world where personal security and data protection are becoming areas of increasing concern for consumers.