On the Privacy, Security and Safety of Blood Pressure and Diabetes Apps - ICT Systems Security and Privacy Protection
Conference Papers Year : 2015

On the Privacy, Security and Safety of Blood Pressure and Diabetes Apps

David Aspinall
  • Function : Author
  • PersonId : 986202
Maria Wolters
  • Function : Author
  • PersonId : 924605

Abstract

Mobile health (mHealth) apps are an ideal tool for monitoring and tracking long-term health conditions. In this paper, we examine whether mHealth apps succeed in ensuring the privacy, security, and safety of the health data entrusted to them. We investigate 154 apps from Android app stores using both automatic code and metadata analysis and a manual analysis of functionality and data leakage. Our study focuses on hypertension and diabetes, two common health conditions that require careful tracking of personal health data.We find that many apps do not provide privacy policies or safe communications, are implemented in an insecure fashion, fail basic input validation tests and often have overall low code quality which suggests additional security and safety risks. We conclude with recommendations for App Stores, App developers, and end users.
Fichier principal
Vignette du fichier
337885_1_En_38_Chapter.pdf (850.95 Ko) Télécharger le fichier
Origin Files produced by the author(s)
Loading...

Dates and versions

hal-01345147 , version 1 (13-07-2016)

Licence

Identifiers

Cite

Konstantin Knorr, David Aspinall, Maria Wolters. On the Privacy, Security and Safety of Blood Pressure and Diabetes Apps. 30th IFIP International Information Security Conference (SEC), May 2015, Hamburg, Germany. pp.571-584, ⟨10.1007/978-3-319-18467-8_38⟩. ⟨hal-01345147⟩
184 View
267 Download

Altmetric

Share

More