Privacy and Security analysis of cryptocurrency mobile applications

Dr. Andrew Le Gear of Horizon Globex participated in research

Subsequent to the introduction of Bitcoin, the field of cryptocurrency has seen unprecedented growth. Mobile applications known as wallets often facilitate user interaction to these cryptocurrencies.

With a perceived real world value these wallets are a target for attackers. Unlike mainstream financial services applications, cryptocurrency wallets are not subject to the same stringent security requirements of their regulated counterparts.

In this paper, we examine the security profiles of commonly used Android cryptocurrency applications. We examine these applications for common vulnerabilities outlined by OWASP mobile top 10. We establish a baseline for our tests by evaluating commonly used banking and trading applications. We compare the results from our baseline test and establish the state of security provided by cryptocurrency wallet applications.

The paper also examines the possible privacy implications of mobile applications. We report that the conventional financial services applications are only marginally better than cryptocurrency application in security provisions but they provide greater privacy.

Full conference paper will be presented at the Conference on Mobile and Secure Services between 2nd and 3rd March, 2019 at Miami Beach, Carillon Hotel, Gainesville, USA.

Horizon licenses and operates global securities exchanges.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store