The mobile application craze has seen the creation of usefully and not so useful utilities that millions of consumers around the world download on a daily basis. The distribution of these applications is via brand specific and independent app stores such as the Nokia Store, Google Play, Windows Marketplace, BlackBerry App world, Apple App Store, Amazon App Store and GetJar.
For the major players, the process of creating and distributing of mobile applications via their store has the requisite checks and balances with some having human lead quality assurance to check on application behavior and content. Strict guidelines are put in place to ensure a consistent user experience and to protect against exploitation of end users by malicious applications.
With the International Telecommunications Union having estimated a global count of over 6 billion mobile subscribers at the end of 2011, with many having “smart enough” devices, it becomes apparent that there is a lucrative market that could be targeted by rouge developers consisting of “the uninformed”,” the unaware” or “the I just don’t care” . The fragmentation of mobile platforms, jail-breaking and the sheer numbers of mobile subscribers have given rise to alternative distribution channels, that are increasingly exposing mobile subscribers to exploitation. Targeted mobile marketing has increased this exposure hundred fold. Since most mobile devices have little if any security software it is imperative that the mobile consumer be wary of what they download especially so in a market that is driven by the freemium model.
An example can be given of how social engineering and consumer negligence when looking at terms and privacy policies can exploit consumers. A rouge developer can build and sign an application that requests to access the address book on your phone, while having it in plain sight on its terms and conditions that it can at will contact anyone there in and that while the application is free, usage beyond 60 days will be billed at thirty shillings every two days with via a mobile terminated shortcode with billing cycles at midnight. Did you accept the terms and conditions without a second glance? You probably did. The malicious application, can in stealth mode use your address book and bill you having received full permissions from you.
As mobile subscribers become more aware about the risks, mobile application developers must improve on the transparency of their privacy policies, terms and conditions by making them palatable. This will drive consumer confidence and can be leveraged via social media to drive usage via recommendations and other viral tools. Mobile network operators will need to invest heavily in quality assurance of applications hosted on their app stores to prevent exploitation of their consumers and eventual market backlash.
The dangers of an uninformed mobile consumer, multiple app stores, and independent developers pose a great challenge to the mobile ecosystem and it will take the concerted efforts of all genuine players, to ensure that stability and trust is maintained. It is after all our bread and butter.