In its latest quarterly Mobile Data Report, Wandera has revealed a significant rise in apps leaking credit card data on enterprise mobile devices.
The company, which specialises in mobile data security and management, compiled the report by analysing the data usage trends and traffic patterns across its global network of enterprise mobile devices. Between Q4 2015 and Q1 2016, there has been a 17 per cent increase in apps and mobile websites leaking credit card data.
The CardCrypt security flaw that was discovered in December of 2015 has played a large roll in the amount of credit card data that has been leaked. The security flaw affected 16 global companies' mobile websites and apps which turned out to be transmitting users' credit card details and even the passport information of some users.
Wandera also noted that the amount of malicious domains visited by users had gone up substantially in Q1 2016. There was a 200 per cent increase per month during the quarter which the company has attributed to the ad frameworks being used within apps and websites. The ads displayed often lead users to malicious domains against their will and Wandera is advising all mobile users to think twice before tapping on any ad displayed within an app or their browsers.
The company's report did notice a positive trend towards greater encryption within browsers and apps. Wandera's research shows that 70 per cent of the data from apps is now encrypted, which is a 21 per cent increase that has occurred over the last 12 months. However, the encryption of data within browsers only increased by 13 per cent to a total level of 52 per cent encryption.
Wandera was also able to identify the top 10 apps by data usage on enterprise devices during the last quarter. The majority of data is used by email and Safari at 34 per cent followed by Facebook at 10 per cent, Instagram at 3 per cent, Twitter at 2 per cent, and WhatsApp Messenger, Spotify and Snapchat all at 1 per cent.
Enterprise users have begun to increasingly use their devices for more than just work and while this is a good thing for app developers it could equal an added security threat for their companies.