Heartbleed and the problem of mobile security

Heartbleed and the problem of mobile security

The recent Heartbleed attack highlighted security issues around tablets and smartphones, with Forbes reporting that millions of the devices could be affected by the virus. Of course, internet security issues are nothing new and ever since computers became commonplace people have spread viruses to steal information, money and generally cause havoc.

However, while it was one thing when information was stolen or files were corrupted on a desktop or laptop, it is quite another in the smartphone/tablet era when every device contains sensitive personal or business information and content. It seems as though, despite using smartphones and tablets pretty much all the time for everything, consumers have especially poor security in place to stop viruses ruining their devices.

Although in recent years smartphone penetration has increased to 74%, security measures have not kept pace with ownership. Our tracking data shows that in early 2011 just one in ten (10%) smartphone owners had downloaded security software to their device. Although at the start of 2014 this percentage has more than doubled in percentage terms (to 21%), it still means that almost four in five consumers have not downloaded apps or programmes to secure their smartphone. It is a similar story among tablet owners (now 40% of the population), where again just over a fifth (22%) have downloaded security software.

This is especially problematic as in the past few years increasing numbers of consumers have started using their smartphones for activities that require them to input passwords and, potentially, other personal information. As the chart below shows, the number of consumers using their devices for money-related activities has increased markedly since 2012 with almost three quarters (74%) now buying/browsing things and over half (55%) now online banking through their phones.

Despite this increase in the use of smartphones for sensitive activities it seems unlikely that there will be a major change anytime soon in the number of people getting security software for their devices. Almost four in ten (38%) say they are unlikely to download security programmes to their smartphone in the near future, with fewer than one in five (18%) saying they are likely to do it.

However, almost more concerning is the scale of malaise over the issue. The largest section of consumers is those who either don’t know or who are neither likely nor unlikely to get security software for their device, with these groups accounting for 44%. Unless this group can be prompted into action then it seems likely that attacks such as Heartbleed will continue to cause problems for the foreseeable future.

It is a similar story among tablet owners, with a quarter (25%) likely to get security software and 37% are unlikely. While there are slightly fewer (39%) in the “don’t know / neither likely nor unlikely” column, they are still the largest group.

It should be noted that all of this data is from Q1 2014 – before Heartbleed entered the public consciousness. The virus may have an impact on the number of consumers taking steps to boost the security of their smartphones and tablets and this is something we will track in our next waves of research over the coming months.


Please wait...

Please write code to prove you're human