SAN DIEGO, CA, September 28, 2011– In a revealing survey of smartphone and tablet users, the majority polled admit to not password protecting their mobile devices despite keeping them logged in to sensitive online accounts and applications, leaving them open to account compromise, fraud and data theft, announced Confident Technologies, Inc., a provider of image-based authentication technology for websites and mobile applications.
The survey also revealed a troubling trend for businesses that opens up the potential for data theft
- While nearly 90 percent of respondents reported that their smartphones and tablets are personal devices not provided by their employer,
- more than 65 percent reported that they use their mobile devices to access work email or the company computer network
In a recent interview with Network World, former White House cybersecurity adviser Richard Clarke said of the growing trend of businesses allowing employees to use their personal mobile devices at work, “this is the newest and largest vulnerability in corporate America now.”
Convenience Beats Security
When asked about password protecting their mobile devices:
- More than half of respondents said they do not use a password or PIN to lock their smartphone or tablet
- 44 percent who do not lock their mobile devices said that using a password is “too cumbersome"
- 30 percent who do not lock their mobile devices said they “are not worried about the risk”
Consumers are Oblivious of The Security Risks
Many respondents are indeed exposing themselves to great risk by connecting those unlocked mobile devices to sensitive online accounts and applications:
- 50 percent of respondents use banking, financial or stock trading apps on their smartphones or tablets
- 35 percent have applications connected to online shopping or auction accounts
- 77 percent said they use social networking applications such as Facebook or LinkedIn
- 97 percent reported that they have email applications running on their mobile device
Additionally, the survey revealed that a majority of respondents leave mobile applications such as email, shopping apps and social networking accounts continuously logged-in, if they can:
- Only 33 percent said they make a point of logging into an application every time they use it
- Two thirds said they try to leave applications perpetually logged in unless they are required by the application to log in every time
Poor Mobile Security Habits Born Out of Frustration
These poor security habits have likely come about because logging in to applications and accounts on mobile devices is so difficult. People surveyed overwhelmingly reported frustration when it comes to typing usernames and passwords on the soft keyboards of smartphones and tablets.
- More than 30 percent reported that they “often forget or mistype on the small keyboards”
- Nearly 60 percent of respondents stated that they “wish there was an easier form of authentication for mobile applications”
The inconvenience can be even greater for people who have “strong” passwords consisting of letters, numbers and symbols, as that often requires switching back and forth between multiple soft keyboards on the display screen.
How Businesses and Consumers Can Safely Use the Mobile Web
“Many people fail to recognize that smartphones bring great risks for exposure of personal information,” said Joanna Crane, Executive Advisor to the Identity Theft Resource Center. “Consumers can protect themselves and their personal information by following best security practices including locking the devices, installing security software, paying attention to what information is being captured by an application and thinking about whether that app really needs it, and using remote wiping technology if the phone is lost or stolen.”
In 2011 global sales of smartphones surpassed sales of PCs for the first time. According to comScore more than 90 percent of mobile subscribers in the US and Western Europe have a phone that can access the mobile web[i] and Gartner Researchestimated that more than 85 percent of mobile handsets shipped this year included some form of web browser. Businesses and individuals alike can benefit from the growing use of mobile applications and the mobile web, but only if the vast amounts of information connected to these pocket-sized computers is secure.
“Internet-enabled smartphones and tablets are quickly becoming the device of choice for everything from accessing work email, to social networking to even banking and shopping,” said Curtis Staker, CEO, Confident Technologies. “However, people’s lax security habits have made the mobile platform the new frontier for hackers, malware and fraud. The onerous process of typing complicated passwords on a smartphone for every app or online account means that people instead choose to sacrifice security for convenience, leaving themselves and in many cases their businesses at risk of data theft and fraud. Instead of relying on archaic authentication methods, businesses with mobile websites and developers creating mobile applications should provide their users with a more secure and easier way to authenticate.”
Read the complete survey results and learn what individuals and businesses can do improve mobile security, by visiting www.ConfidentTechnologies.com/survey.
About Confident Technologies
Confident Technologies, Inc. provides image-based, user authentication and verification technologies for enterprise websites, web services, mobile applications and mobile payments. Multifactor authentication solutions from Confident Technologies increase security without the need for expensive hardware tokens, smart cards or biometrics and improve user experience through an easy-to-use, image-based interface. For more information, visit www.confidenttechnologies.com.
Follow Confident Technologies on Twitter: www.twitter.com/ConfidentTech
Watch Confident Technologies on YouTube: www.youtube.com/ConfidentTech
[i] The comScore 2010 Mobile Year in Review. February, 2011.