Mobile Browsers Wholly Unsafe

The lack of graphical indicators in the URL field of mobile browsers presents a major security risk, according to researchers.

by / December 6, 2012
Image courtesy of Shutterstock

According to a recent Georgia Tech study, top mobile Internet browsers lack critical information that could lead to a security risk.

As eported, even expert users could be fooled by imposter websites because mobile browsers fail to meet security guidelines recommended by the World Wide Web Consortium (W3C) for browser safety. The absence of a graphical indicator in a mobile browser's URL field was the main concern outlined by researchers in Measuring SSL Indicators on Mobile Browsers: Extended Life, or End of the Road.

"We found vulnerabilities in all 10 of the mobile browsers we tested, which together account for more than 90 percent of the mobile browsers in use today in the United States," Patrick Traynor, assistant professor in Georgia Tech's School of Computer Science, told "The basic question we asked was, 'Does this browser provide enough information for even an information-security expert to determine security standing?' With all 10 of the leading browsers on the market today, the answer was no."

Usually seen as a small lock icon on a desktop or laptop computer's browser, graphical indicators typically indicate to the user that they have a secure connection to an authentic website. Without such indicators, it is easier for a user to fall victim to some kind of Internet scam in which their personal or financial information is compromised. In practice, mobile browser users are three times more likely to access phishing sites than users of standard browsers, one of the researchers said.

Image courtesy of Shutterstock