Home > News
  print button email button

Wednesday, Nov. 16, 2011

FYI

SMARTPHONE SECURITY

Smartphones new security battlefield


Staff writer

Smartphones have become a global phenomenon and in Japan in particular people are rapidly replacing their old cellphones with new handsets that are more like small computers with ever-increasing applications.

But with the boom comes concerns for security, and fears that personal information may be leaked via malware or some applications. The malicious software, often in the form of a virus, can work its mayhem unnoticed, bent on disrupting the operation of certain systems.

We look at recent smartphone security issues and how users can protect themselves:

How can the information of smartphone users be at risk?

According to Tokyo-based Trend Micro Inc., an antivirus software provider, certain malware has the potential to do serious harm.

One type records user phone conversations and stores it in memory for later transmission.

Another type of malware can be used to remotely control infected smartphones, enabling perpetrators, for example, to place calls for paid phone services, leaving the owner stuck with a huge bill.

Media reports have also recently highlighted personal information leaks from smartphones, including phone number, device identification number, location information and the kinds of applications the user has downloaded.

For instance, Manuscript, a Tokyo-based application provider, created a program called Karelog that enables users to track another smartphone user's location information and battery life.

The application may be handy for people to keep track of loved ones, but smartphone users may be registered without their knowledge, and thus information about them could be leaked.

This application differs from a virus attack, but it has caused controversy because it exposes the vulnerability of personal information via seemingly benign services.

Do all smartphones have the potential to leak information?

Industry watchers say Google Inc.'s Android system is more vulnerable than competitors, including the iPhone by Apple Inc., the BlackBerry by Research in Motion Ltd. and Windows mobile phones by Microsoft Corp.

This is because the Android OS, which has greatly expanded its global share in recent years, is an open platform that makes it easier for application developers to incorporate and spread malware in their products.

According to U.S.-based IT consultancy Gartner Inc., as Android led the world in market for smartphone operating systems, accounting for more than a 40 percent share in the second quarter of this year.

Trend Micro also said Android-targeted malware has been increasing dramatically. While there were only five kinds last December, the number had jumped to 533 by October.

As for iPhone applications, all have to be checked by Apple before they are released, so malicious applications are mostly blocked by the firm.

Have smartphone users been victims of swindles?

While many users may have unknowingly experienced relatively harmless personal information leaks like location data, no cases of fraud have been reported. The communications ministry said it has not confirmed any serious incidents involving money.

Keisuke Takemori, a researcher at KDDI R&D Laboratories who tracks smartphone malware, said in a recent online streaming program that he has no knowledge of users falling victim to a serious malware attack. Over the past two years, Takemori has been trying applications with malware every day but has not received any bills or calls demanding money, he said.

What countermeasures are smartphone carriers taking against malware attacks?

Takemori said KDDI's au brand runs its own Android application market and monitors to see if applications are incorporated with malware or are designed to gather more user personal information than necessary.

He also said KDDI is advising application developers to clearly inform users about the kinds of personal information they seek and for what purposes and over what time span after users open applications for the first time or if they double-check their status.

DoCoMo provides a free antivirus application for its Android users, while Softbank offers a smartphone security service, including an antivirus application, for ¥498 a month.

Softbank and KDDI, which both now offer the iPhone, said Apple handles security for those handsets.

How can users best ensure security?

Takemori said users should make sure they update their operating system to the latest version, which should reflect updates to protect devices from new and evolving malware.

Android users should also get applications through reliable sources, such as those that are managed by the phone carriers.

Market observers said using programs designed to combat malware are effective.

It is also important to educate users and raise the comprehensive understanding of smartphone security, they said.

For instance, some users don't really bother to read messages from application developers, but that can result in them unknowingly providing personal information.

The Weekly FYI appears Tuesdays. Due to editorial reasons it appears Wednesday this week. Readers are encouraged to send ideas, questions and opinions to hodobu@japantimes.co.jp


Back to Top

About us |  Work for us |  Contact us |  Privacy policy |  Link policy |  Registration FAQ
Advertise in japantimes.co.jp.
This site has been optimized for modern browsers. Please make sure that Javascript is enabled in your browser's preferences.
The Japan Times Ltd. All rights reserved.