We get some valuable insight into the growing world of mobile app markets, thanks to Lookout’s new App Genome Project. The mobile security company’s latest project delves into some areas that aren’t often discussed, which is a brave and necessary thing for a security firm to take on. The report highlights alternative marketplace trends:
- The App Genome Project analyzed two alternative markets for Android that target Chinese users. While these markets serve a legitimate need for localized apps, they also host pirated and repackaged apps. Nearly 11% of the apps also available on the Android Market were found to be repackaged and likely submitted by someone other than original developer.
- Of these repackaged apps, a quarter request more permissions than the original app.
- In the case of iOS, alternative markets provide owners of jailbroken devices access to unique or pirated apps. We found that one of the markets we analyzed predominately hosts pirated apps (85%).
- 8% of all paid apps in the Apple App Store were found pirated on one alternative iOS market.
As Lookout notes, there’s a certain danger in this, as these alternative app marketplaces aren’t regulated by Google or Apple, and can heighten the risk of malware invading your phone. While all alternative app marketplaces aren’t riddled with dangerous intentions, their inherent design lends itself to ill-reputed business tactics (pirated content) and security vulnerabilities.
“In some cases its legit, but other cases it’s a vector for malware and spyware,” Lookout CTO Kevin Mahaffey tells me. “It’s something we want to bring to the attention of users.”
Educating users is a primary goal for Lookout’s new App Genome Report. The mobile landscape is still a relatively new one, and for the growing security startup, contiguous correspondence with consumers is a brand-building opportunity. Being able to “read” this mobile landscape has its own learning curve, as mobile apps and software downloads carry new concepts and points of interaction.
“We’re all about transparency,” Mahaffey goes on. “We want to share all the information we have. We don’t want people to make bad decisions because they don’t have all the data available to them. Knowing where the dangers and threats are going to be is the job of a security company.”