When it comes to security, Mobile device are target for attackers to exploit. Mobile devices are often shared devices; a close friend can use it, Family can also use it. Because of this reasons and many other threats to mobile devices, numerous vulnerability are commonly found in such devices. Being Vulnerable can also be as a result of inadequate technical controls and lack of security practices from the consumers.
The mobile vulnerability which is common to all mobile platforms includes:
Enable password to be secured:
Mobile devices mostly do not have password to authenticate the users and no control access to the data stored on the devices. Mobile devices have the technical capability to support passwords, personal identification numbers (PIN), or pattern screen locks for authentication. Some mobile devices also include a biometric reader to scan a fingerprint for authentication. Constantly using of a PIN or password that can be easily bypassed or determined such as 0000 or 1234. Without using Pin or password to lock the device, there is increased risk that if such device is stolen or lost information could be accessed by unauthorized users
WIFI network are usually not encrypted:
Email sent through wireless transmission is usually not encrypted. Most of the applications do not encrypt data they transmit, which can easily be intercepted. Transmitting data via WIFI network that is using http rather than https, such data can easily be intercepted. Unencrypted wireless connection could be intercepted by attackers to access some useful information or even flood the network traffic in order to slow down the internet
Malware on Mobile devices:
Phone owners may download applications that contain malware. This malware can be disguised as a patch, game or any other useful application. Since it is usually difficult for users to tell which application is legitimate or malicious. For instance, an application could be repackaged with malware and a consumer could inadvertently download it onto a mobile device, the data can easily be intercepted. When a wireless transmission is not encrypted, data can easily be intercepted by eavesdroppers, who may gain unauthorized access to sensitive information.
There is no such thing as security software in mobile devices. Security software do not come with mobile devices to protect it against malicious application, spyware and malware-based attacks. Those malicious applications may slow operations and affect battery life. Confidential information may be linked out through such application. Without security software, the risk may be increased that an attacker could successfully distribute malware such as viruses, Trojans, spyware, and spam to lure users into revealing passwords or other confidential information.
No limit of internet connections:
Most of the mobile devices do not come with firewall application(A network security system that monitors the incoming and outgoing network traffic base on predetermined security rules). These devices when connected to wide area network, hackers could access the mobile device through unsecure ports thereby collecting vital information from the device.
Software Maybe Out of Date:
Some software installed in the mobile devices maybe out of date, security patches for third party application are mostly not developed and released in timely manner. Third party applications such as mobile web browsers do not update consumers when updates are available. These outdated software increases the risk that attacker may exploit vulnerability associated to the mobile devices.