Many health apps are often unsafe

Health apps have become popular in the corona pandemic. However, during an investigation, the Federal Office for Information Security found that the providers sometimes leave gaps in the handling of data.

According to a BSI report, six out of seven thoroughly tested apps transmitted passwords in clear text to authentication services. None of the apps fully met the security requirements of the BSI guidelines for health apps.

Also interesting: 17 Apps You Should Delete from Your Smartphone Right Away

Dealing with data security in health apps inadequate

The office, which also takes care of the data security of the federal government, criticized the find. “From the point of view of technical IT security, this result must at least be rated as critical, especially in view of the fact that a significant proportion of health apps process sensitive and particularly sensitive data. Because, according to the findings of the study, this does not adequately protect the users’ data against attacks. “

BSI expert Nicolas Stöcker said that the damage would be “initially manageable” if the identified loopholes were exploited. “If an attack takes place here, it always affects a single user, a single person. It would be worse if the backend, where the data is kept, were also insecure. ”According to its own statement, the authority has a corresponding further investigation“ on the screen ”for the future.

BSI informs affected providers

The BSI does not name any of the apps examined. After a market analysis, the experts selected seven applications for the in-depth examination. On the one hand, these process sensitive data and, on the other hand, they are widespread. They are currently working with the providers to close the gaps in the health apps. “If we see that this is not being remedied, we reserve the right to issue a corresponding product warning,”.