A mobile app security evangelist has urged greater security attention to be paid to travel booking apps due to the handling of huge volumes of sensitive customer information, including booking details, credit card numbers and loyalty points. Security compromises could be detrimental to the brand, he noted.
Jan Sysmans, mobile app security evangelist at Appdome, a cyber defence automation platform, told TTG Asia that insufficient data encryption and insecure data storage are some security shortcomings in travel booking apps.
He elaborated that travel booking apps use and store sensitive data such as usernames and passwords, credit card information and other important personal information including passport details. Unfortunately, hackers and pen testers know where to find this data.
Sysmans said: “Our advice (to app developers) is to use a no-code mobile cyber defence automation platform that connects to the app maker’s existing DevOps workflow. This will enable cyber security teams and app developers to work together to rapidly build security into their apps.
“This can be coupled with mobile XDR (extended detection response) solutions such as Appdome’s ThreatScope for efficient investigations and responses to cyber threats. Armed with an understanding of potential threats, Appdome’s protection models can easily be versioned (upgraded) to include new protections before any attacks can be launched at scale.”
He also advised app makers to follow industry best practices to build a comprehensive security model against static and dynamic attacks, threat and mobile fraud. He stressed on the importance of embracing automation to rapidly build protection into the apps and detect new threats before they can be launched at scale, in order to defend against the onslaught.
Users too have high expectations of mobile app security. According to Appdome’s recent Consumer Expectations on Mobile App Security survey results released in April, 25.9 per cent of Singaporean consumers who took part in the survey in 2022 considered developers “not caring about their security” as compared to only eight per cent in 2021.
The survey also found that Singaporeans will advocate a brand when their security expectations are met.