警聲
ISSUE 1010 March 5, 2014 to March 18, 2014

Information Security Tips Series
Mobile Advertising

0 Photo

Nowadays, we all carry at least one mobile device, mostly smart phone with mobile Internet connectivity. Many people read mobile advertisement on the mobile phone, but, due to the rapid growth of technology and information boom, some minor points may be overlooked. Let's look at mobile advertising information security.
 
Mobile Advertising can be broadly classified into categories of Short Message (SMS), Multimedia Message (MMS) and Apps advertising.
 
SMS and MMS dominated in the early stage but have been faded out and replaced by Apps advertising nowadays. With the popularity of smart phones, mobile advertising has been embedded in Apps, mostly free Apps. The mobile advertisements pop up in random, in certain period of time, or in the form of notifications. As they are free of charge, the pop-up frequency of advertisement is relatively high. These advertisements are not only annoying the users but also containing some hidden risks that may give rise to the following information security issues.
 
1. Mobile data usage increases due to extra text messages and images downloaded in the advertisements. If you are not in the service area of your mobile phone data service provider, the mobile data roaming charges will be more expensive.
 
2. Extra power consumption increases due to network connection, sound and vibration of notifications.
 
3. Unwanted files will accumulate. There are many push advertisements delivered as image files, and some application will pre-load the files in your phone.
 
4. Sensitive data leakage may occur because some apps with push advertising require access rights. They appear to be normal messages, such as system messages, programme update notifications and so on. When the user opens it without checking its credibility, it is possible to link to a high-risk site. In addition, as the applications were authorised before installation, the chance of being hacked or data being grabbed will greatly increase.
 
We may solve these problems by:
 
1. Downloading software in official sites - according to many IT security reports, the majority of malicious applications are stored on unofficial sites.
 
2. Paying more attention to the permissions of the applications before installation. As the malicious apps or push advertising requests extra irrelevant rights, we should pay more attention or refuse installation if there is an application request for unnecessary permission.
 
3. Installing a trusted security programme - some trustable security programme can effectively scan a malicious code, like push advertising. It can also determine the credibility of the programme to provide extra protection for your mobile phone.