Mobile Threat Blog

  • Mobile
    Security Insights
  • Mobile
    Threat Research
  • Mobile
    Security Tips
It’s that time of year when football fans everywhere track the big game – in this case Super Bowl 50 – with the utmost intensity.  Here at Appthority, that got us wondering about how Super Bowl apps stacked up on risk.

We analyzed over 20 apps for risky behaviors such as:
  • Execution in the background (Sharing PII information, Tracking and sharing location, Accessing address book and calendar)
  • Changes to device configuration
  • Access to telephony service
We focused on Super Bowl apps with activities from checking stats and scores to getting a ride to your Super Bowl venue of choice or even ordering a pizza. Apps included:
  • Football: Official team apps for the Carolina Panthers and the Denver Broncos, Road to 50 Superbowl apps, Official NFL apps, CBS Sports
  • Fantasy Sports: NFL, CBS Sports, Yahoo Sports
  • Pizza: Dominos, Pizza Hut
  • Rides: Uber & Lyft
  • The Carolina Panthers Android app was found to be exhibiting more risky behaviors than the Denver Broncos app
  • Take note if you plan on streaming the game live on the CBS Sports Android app – it had the highest number of risky traits
  • The NFL Fantasy Football app for Android had the highest combination of risky behaviors, including background access to the phone and device configuration
From riskiest to least risky, here’s how the apps stacked up:
  1. CBS Sports (Android)
  2. Uber (Android)
  3. Lyft (Android)
  4. Domino’s (iOS)
  5. Carolina Panthers (Android)
  6. Lyft (iOS)
  7. NFL Fantasy Football App (Android)
  8. CBS Sports (iOS)
  9. Pizza Hut (Android)
  10. Denver Broncos 365 (Android)
  11. NFL Mobile App (iOS)
  12. NFL Mobile App (Android)
  13. CBS Fantasy Football (iOS)
  14. NFL Fantasy Football (iOS)
  15. Carolina Panthers (iOS)
  16. Road to Super Bowl 50 (iOS)
  17. CBS Fantasy Football (Android)
  18. Domino’s (Android)
  19. Yahoo Fantasy Sports (Android)
  20. NFL Scores (iOS)
  21. Pizza Hut (iOS)

See the full article at CSO: ‘Defense wins championships’ in application security and NFL