Mobile Browsers Have Low HTTPS Indicators, Research Shows
Browsers used by 90 per cent of American mobile customers don’t clearly identify the HTTPS status of the connection as the World Wide Web Consortium recommends, research from Georgia Tech shows.
The study, titled “Measuring SSL Indicators on Mobile Browsers: Extended Life, or End of the Road?”, showed the lack of HTTPS indicators is still a problem users face with mobile browsing, though smartphones generally have the same types of cryptographic and security capability found in traditional programs.
Mobile browser users are three times more likely to access phishing sites than users of desktop browsers, researchers warned. The paper goes as far as concluding mobile browsers are “unsafe enough that even cyber security experts are unable to detect when their smartphone browsers have landed on potentially dangerous websites.”
“The basic question we asked was, ‘Does this browser provide enough information for even an information-security expert to determine security standing?’,“ said Patrick Traynor, assistant professor at Georgia Tech’s School of Computer Science. “With all 10 of the leading browsers on the market today, the answer was no.”
The browsers studied for the research include Android, BlackBerry Mango and Webkit, Chrome Beta, Firefox Mobile, iPhone Safari, Opera Mini, Opera Mobile, Windows IE Mobile, and Safari on iPad 2.