According to the App Watchdog on viaForensics, your data is not as safe as you might think.

Popular apps like Twitter and LinkedIn have security flaws that could be exploited, exposing your personal data.

Consider Square, the mobile app that lets users accept credit card payments — part of the credit card numbers used with the app are readily available to whoever wants them.

What follows is a breakdown of other surprisingly big-name apps and the problems with each one, both for Android and iPhone.

Dropbox

Android:

  • Retained user name
  • Retained list of action history
  • Retained list of all file names, dates and times

iPhone:

  • Retained user name
  • Retained list of action history
  • Retained documents and downloads

Source: viaForensics

eBay

Android:

  • Retained eBay and PayPal user names
  • Retained last four digits of bank account and credit card number
  • Retained last transaction amount and address

iPhone:

  • Retained user name
  • Retained recent search history

Source: viaForensics

Foursquare

Android:

  • Username and password stored insecurely
  • Comments and search history stored insecurely
  • Geo-locations stored insecurely

iPhone:

  • Username stored insecurely
  • Comments and search history stored insecurely
  • Geo-locations stored insecurely

Source: viaForensics

Gmail

Android:

  • User and recipient e-mail addresses insecurely stored
  • E-mail content insecurely stored

Source: viaForensics

AIM

Android and iPhone:

  • Username stored insecurely
  • Entire conversation logs stored insecurely

Source: viaForensics

Facebook

Android:

  • Retained user name
  • Retained all friends, including their profile info and email
  • Retained notifications sent, status updates and profile pictures

iPhone:

  • Retained user name
  • Retained user and friend profile data
  • Retained status updates, check-ins, and posts to other profiles
  • Retains data from viewed walls and profiles

Source: viaForensics

Groupon

Android:

  • Retained user name and password
  • Retained first & last name, home address and email
  • Retained last 4 digits of credit card number
  • Retained list of groupons purchased

iPhone:

  • Retained user name
  • Retained email and address
  • Retained last 4 digits of credit card number and expiration date
  • Retained all purchases

Source: viaForensics

LinkedIn

Android:

  • Username and password stored insecurely
  • Full contact list and messages stored insecurely

iPhone:

  • Username stored insecurely
  • Full contact list and messages stored insecurely

Source: viaForensics

Mint

Android:

  • Retained user name
  • If PIN is set to protect data, it is stored unencrypted
  • Retained account info, transactions, balances and alerts

iPhone:

  • Retained user name
  • Retained account names, balances, and transactions
  • Retained alerts for payments, due dates, budget info, deposit amounts
  • Retained income and expense info

Source: viaForensics

Netflix

Android:

  • Username and password stored insecurely
  • Account holder name stored insecurely
  • Queue stored insecurely

iPhone:

  • Account holder name stored insecurely
  • Partial queue stored insecurely

Source: viaForensics

PayPal

iPhone:

  • Retained user name
  • Retained history of bump account transfer feature
  • including date, time, and GPS location coordinates of transaction
  • Retained email of both parties involved in transfer

Source: viaForensics

Skype

Android and iPhone:

  • Username stored insecurely
  • Entire conversation and contacts list stored insecurely

Source: viaForensics

Square

Android:

  • Username stored insecurely
  • Phone number of last sent text receipt stored insecurely

iPhone:

  • Username stored insecurely
  • Last 4 digits of credit card number stored insecurely
  • Transaction amounts stored insecurely
  • Customer signature stored insecurely

Source: viaForensics

Twitter

Android and iPhone:

  • Username stored insecurely
  • Tweets, direct messages and followers stored insecurely

Source: viaForensics

YouTube

Android and iPhone:

  • Username stored insecurely
  • Search history stored insecurely

Source: viaForensics

Bump

iPhone:

  • Username stored insecurely
  • Friend List stored insecurely
  • IM logs stored insecurely

Source: viaForensics

