Appthority, the global leader in enterprise mobile threat protection, today revealed that Uber’s ride-sharing app is putting sensitive personal and corporate data at risk.
The launch of Uber for Business means that the locations of C-level executives, salespeople, developers and others could pose a potential physical threat. In addition, meeting agendas can also be exposed.
The report also found that the newer versions of Uber apps don’t enforce https connections and are sending data unencrypted, while the app now has 26 services running in the background as of this month (that number was zero in early 2015).
There are also more than 600 third-party apps and services integrating with Uber’s Application Programming Interfaces (APIs), with 84 percent of the apps using the /estimates/time API and 61 percent of the apps using the /history API on unencrypted connections with remote servers. This means a user’s data could be collected and saved even when the app is not in use.
Read the orginal article on PYMNTS.com here.