Security Architecture, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security, Endpoint/Device Security

Experts find flaws in Mobile World Congress official app

The mobile app of one of the most recognized mobile technology conferences in the world is reportedly leaking its attendees' personal information, according to new research.

Experts at mobile security firm Appthority ran the official Mobile World Congress Android app through its analysis framework and found some serious flaws.

The app collects the data – before authentication takes place – through “API calls to MWC servers” and includes attendee full names, addresses, company names and titles, in addition to data belonging to their social media accounts. The information is left in plain text in “a sqlite database within the resource folder” of the device. Appthority suggests that spammers could easily scrape the contact information without even attending the event in Barcelona.

The app could put the more than 100,000 attendees able to download it at risk if they don't take caution.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.