Mobile Threat Blog

  • Mobile
    Security Insights
  • Mobile
    Threat Research
  • Mobile
    Security Tips

Original iPhone Image: Associated Press


Trust me, I had to look this up: The traditional gift for a tenth anniversary is tin or aluminum. That fits, since we learn from Brian Merchant, in his newly released The One Device: The Secret History of the iPhone, that aluminum, the most abundant metal on earth, is also the most abundant metal in the iPhone. And Bangka Island, in Indonesia, is where Apple’s iPhone manufacturing partner Foxconn sources its tin; the island had a fatality rate of one tin miner per week in 2014, and the local environment has been devastated by tin mining. We therefore can conclude that the iPhone has changed the world–since it’s estimated that to manufacture each 129-gram iPhone, 75 pounds of ore must be excavated. And since those 40 million tons of ore (for over 1 billion iPhones) are mostly dug up out of our sight, it’s easy not to think about it.

In other words, there’s an unseen downside that we can easily ignore while we become ever more addicted to our sleek, beautiful smartphones. While we love our iPhones, it’s full impact sometimes requires us to look beyond what we can see on the screen.

This brings us to one of the least understood but most dramatic impacts of the smartphone era: the degree to which we are now under constant surveillance. The smartphone has enabled a stalker economy.

With computers we are aware of being enterprise users. But with smartphones we are both enterprise users and consumers. And, as consumers, we are the target of businesses who rely on advertising to sell their products and services. The fastest-growing digital advertising segment is mobile advertising, approaching $50 billion this year and rivaling the amount spent on TV advertising. $50 billion is a stunning figure for a market that didn’t exist 10 years ago.

How is that money spent? Very carefully. Unlike mass market advertising, mobile advertising is individually targeted. And advertisers can determine the ROI of each individual ad. They do this by gathering an incredible amount of information about each of us, and then feeding that to their algorithms so that it can be determined what our value is from an advertising perspective.

What kind of information is collected? Location is key, and of course can be uniquely provided by our smartphones. But advertisers also want to know our age, sex, zip code, income, who we know, who we socialize with, and many other aspects of our personal lives. And they’re willing to collect and store massive amounts of data in order to determine the “best” ads to serve us.

Ad economy data flows in two directions: data collection and surveillance are outbound (to the cloud), ads are inbound (from the cloud). We can sometimes block ads, but we can’t opt out of the surveillance performed by advertisers. Neither can our employers. It’s worthwhile to note that this surveillance takes place not just in our personal lives, but while we’re at work —adding subtle but important risks to the enterprise threat landscape. The enterprise risks come from spear phishing or watering hole attacks that are informed by surveillance data in the wild and can lead to substantial breaches and enterprise data loss.

Note that we haven’t discussed government surveillance aimed at smartphones, nor have we considered malware and malicious apps–all of which are rare. By contrast, the ad economy surveillance is anything but rare.

The results of a recent survey by Axway found that “consumers value data security and privacy over cool new apps and features.” 69 percent of smartphone owners want smartphone development to focus on data security and privacy; we suspect a much higher percentage of enterprise IT leaders would agree.

Despite the prevalence of these threats, in the market today, Appthority’s Mobile Threat Protection solution is the only option for enterprises that are concerned about ad economy surveillance. In addition to protecting our customers against malware, device compromises and network attacks, the Appthority Mobile Threat Protection (MTP) solution provides a comprehensive set of tools and remediation options for data leakage and privacy violations–and the resulting threats to the enterprise.

Ubiquitous surveillance is enabled by legitimate and law-abiding app developers with the blessing of Apple and Google. And because, like the impact of ore excavation to manufacture our smartphones, it’s invisible to most of us, we don’t think about it.

Happy 10th birthday iPhone!