Articles producció científicaEnginyeria Informàtica i Matemàtiques

Security and Privacy Analysis of Mobile Health Applications: The Alarming State of Practice

  • Identification data

    Identifier:  imarina:3669826
    Handlehttps://hdl.handle.net/20.500.11797/imarina3669826
    Authors:  Papageorgiou, A; Strigkos, M; Politou, E; Alepis, E; Solanas, A; Patsakis, C
    Abstract:
    Recent advances in hardware and telecommunications have enabled the development of low cost mobile devices equipped with a variety of sensors. As a result, new functionalities, empowered by emerging mobile platforms, allow millions of applications to take advantage of vast amounts of data. Following this trend, mobile health applications collect users health-related information to help them better comprehend their health status and to promote their overall wellbeing. Nevertheless, health-related information is by nature and by law deemed sensitive and, therefore, its adequate protection is of substantial importance. In this paper we provide an in-depth security and privacy analysis of some of the most popular freeware mobile health applications. We have performed both static and dynamic analysis of selected mobile health applications, along with tailored testing of each application's functionalities. Long term analyses of the life cycle of the reviewed apps and our general data protection regulation compliance auditing procedure are unique features of the present paper. Our findings reveal that the majority of the analyzed applications do not follow well-known practices and guidelines, not even legal restrictions imposed by contemporary data protection regulations, thus jeopardizing the privacy of millions of users.

  • Others:

    Link to the original source: https://ieeexplore.ieee.org/document/8272037
    APA: Papageorgiou, A; Strigkos, M; Politou, E; Alepis, E; Solanas, A; Patsakis, C (2018). Security and Privacy Analysis of Mobile Health Applications: The Alarming State of Practice. Ieee Access, 6(), 9390-9403. DOI: 10.1109/ACCESS.2018.2799522
    Paper original source: Ieee Access. 6 9390-9403
    Article's DOI: 10.1109/ACCESS.2018.2799522
    Journal publication year: 2018-01-26
    Entity: Universitat Rovira i Virgili
    Paper version: info:eu-repo/semantics/publishedVersion
    Record's date: 2026-05-09
    URV's Author/s: Solanas Gómez, Agustín
    Department: Enginyeria Informàtica i Matemàtiques
    Licence document URL: https://repositori.urv.cat/ca/proteccio-de-dades/
    Publication Type: Journal Publications
    Author, as appears in the article.: Papageorgiou, A; Strigkos, M; Politou, E; Alepis, E; Solanas, A; Patsakis, C
    licence for use: https://creativecommons.org/licenses/by/3.0/es/
    Thematic Areas: Telecommunications, Materials science (miscellaneous), Materials science (all), General materials science, General engineering, General computer science, Engineering, electrical & electronic, Engineering (miscellaneous), Engineering (all), Engenharias iv, Electrical and electronic engineering, Computer science, information systems, Computer science (miscellaneous), Computer science (all), Administração pública e de empresas, ciências contábeis e turismo
    Author's mail: agusti.solanas@urv.cat, agusti.solanas@urv.cat

  • Keywords:

    Security and privacy exposure
    Security
    Mobile security
    Data privacy
    Communication system security
    Application security
    Computer Science (Miscellaneous)
    Computer Science
    Information Systems
    Engineering (Miscellaneous)
    Engineering
    Electrical & Electronic
    Materials Science (Miscellaneous)
    Telecommunications
    Materials science (all)
    General materials science
    General engineering
    General computer science
    Engineering (all)
    Engenharias iv
    Electrical and electronic engineering
    Computer science (all)
    Administração pública e de empresas
    ciências contábeis e turismo

  • Documents:

    DocumentPrincipal

  • Cerca a google

    Search to google scholar