Advertisement

Study: Most mobile Web browsers unsafe

Study: Most mobile Web browsers unsafe
This graphic shows the inconsistency with which three of the major mobile browser platforms display security indicators. Credit: Georgia Tech

ATLANTA, Dec. 5 (UPI) -- Smartphone Web browsers are unsafe and even cybersecurity experts can't detect when they've have landed on potentially dangerous websites, a U.S. study found.

In a critical area that informs user decisions -- the incorporation of tiny graphical indicators in a browser's URL address field -- all of the leading mobile browsers fail to meet security guidelines recommended by the World Wide Web Consortium for browser safety, researchers at the Georgia Institute of Technology reported Wednesday.

Advertisement

The graphic icons are called either SSL (secure sockets layer) or TLS (transport layer security) indicators and serve to alert users when their connection to the destination website is secure and the website they see is actually the site they intended to visit.

Without that graphical confirmation of a secure site, even expert users have no way to determine if the websites they visit are real or impostor sites phishing for personal data, the researchers said.

RELATED Facebook users going to secure connections

"We found vulnerabilities in all 10 of the mobile browsers we tested, which together account for more than 90 percent of the mobile browsers in use today in the United States," computer science Professor Patrick Traynor said.

Advertisement

"The basic question we asked was, 'Does this browser provide enough information for even an information-security expert to determine security standing?' With all 10 of the leading browsers on the market today, the answer was no."

The Web consortium has recommended how SSL indicators should be built into a browser's user interface and desktop browsers do a good job of following those recommendations, researchers said, but in mobile browsers the guidelines are followed inconsistently at best and often not at all.

RELATED Many smartphone users lax on security

"Research has shown that mobile browser users are three times more likely to access phishing sites than users of desktop browsers," Georgia Tech doctoral student Chaitrali Amrutkar said. "Is that all due to the lack of these SSL indicators? Probably not, but giving these tools a consistent and complete presence in mobile browsers would definitely help."

RELATED Lax security of work laptops creates risks

RELATED Flaw found in common network security tech

RELATED Mobile apps with ads called security risk

Latest Headlines

Advertisement
Advertisement

Follow Us

Advertisement