Blog

Top 10 most common mobile app vulnerabilities 2016

This year OWASP has updated the report. Survey results identified the top ten mobile vulnerabilities with the most frequent ones being weak server side controls, insecure data storage, and insufficient transport layer protection.
6 July 2016
Cybersecurity testing
Mobile app testing
The article by a1qa
a1qa

In 2014 OWASP (Open Web Application Security Project) conducted a poll to gather mobile apps vulnerability statistics. The objective was to level up the mobile security and to allow individuals and companies worldwide to make informed decisions in the course of their mobile app development and security testing.

Survey results identified the top ten mobile vulnerabilities with the most frequent ones being weak server side controls, insecure data storage, and insufficient transport layer protection.

This year OWASP has updated the report. The surveyed audience has mainly included penetration testers (38%), security specialists (35.2%), security engineers and designers (27%).

The obtained results has revealed that during the last two years developers worked hard to secure coding and configuration practices used on server-side of the mobile application, establish mechanisms to protect data stored and ensure sufficient transport layer protection. Thus, the vulnerabilities 2014 have almost been combatted while the new bottlenecks have appeared.

OWASP Top 10 mobile vulnerabilities 2016

  • M1 Improper Platform Usage (new!)
  • M2 Insecure Data Storage
  • M3 Insecure Communication
  • M4 Insecure Authentication
  • M5 Insufficient Cryptography
  • M6 Insecure Authorization
  • M7 Client Code Quality (new!)
  • M8 Code Tampering (new!)
  • M9 Reverse Engineering (new!)
  • M10 Extraneous Functionality (new!)

As for a1qa, keeping our customers’ information secure and private is a top priority for our QA experts. We greatly appreciate the OWASP survey results and consider them when testing and assessing security of our customers’ mobile products.

More Posts

Mobile app compatibility_mini
14 October 2021,
by a1qa
4 min read
Compatibility testing: 5 key tips to ensure high quality of mobile apps
Billions of mobile solutions and portable devices. Can you imagine that? Learn how to ensure robust software compatibility with accurate testing.
Mobile app testing
19 August 2021,
by a1qa
4 min read
Cybersecurity: Top 5 questions to ask a QA vendor
What information to request from QA providers to get confident in the complete security of your software and protect end-user sensitive data? Read about that in the article.
Cybersecurity testing
5G impact
31 May 2021,
by a1qa
4 min read
5G network impact on mobile app testing
Check out what 5G connectivity will bring to the IT world and how it will modify mobile app testing.
Cybersecurity testing
Mobile app testing
Performance testing
29 April 2021,
by a1qa
4 min read
Addressing 4 security issues for digital transformation programs
Find out the top 4 safety challenges of digital transformation and a QA playbook to address them and contribute to a higher level of cybersecurity.
Cybersecurity testing
31 March 2021,
by a1qa
4 min read
QA scenario to introduce 6 eCommerce trends in 2021
Discover what trends will rule the eCommerce industry in 2021 and how QA can help implement them with confidence and ease.
Cybersecurity testing
Test automation
15 March 2021,
by a1qa
4 min read
Mobile app performance testing: getting high software efficiency
Explore 3 cornerstones of mobile app performance testing and QA steps on how to execute it successfully.
Mobile app testing
Performance testing
25 February 2021,
by a1qa
4 min read
9 QA points for delivering high-quality SaaS-based solutions
In the article, we’ve gathered 9 QA factors relying on the SaaS specifics that may help to perform SaaS testing with ease.
Cloud-based testing
Cybersecurity testing
Functional testing
Performance testing
Test automation
16 February 2021,
by a1qa
5 min read
Winning trust: 5 industries that need blockchain testing
Get to know what industries are prone to rapid transformation within blockchain solutions, and how their catch-all testing can help keep leading positions.
Blockchain app testing
Cybersecurity testing
Functional testing
Performance testing
29 January 2021,
by a1qa
4 min read
3 do’s and 3 don’ts in BFSI software testing
Considering BFSI to be a fast-paced industry, how to keep up with such velocity? We’ve prepared 3 do’s and 3 don’ts that help sustain the rush and high software quality.
Functional testing
Mobile app testing
Test automation

Get in touch

Please fill in the required field.
Email address seems invalid.
Please fill in the required field.
We use cookies on our website to improve its functionality and to enhance your user experience. We also use cookies for analytics. If you continue to browse this website, we will assume you agree that we can place cookies on your device. For more details, please read our Privacy and Cookies Policy.