Google reports that 80% of applications encrypt traffic by default

This week, Google reported about its success in adopting the HTTPS standard: 80% of applications encrypt traffic by default.

So, in the official blog of the IT giant, appeared a message that currently 4 out of 5 applications (80%) available through the Google Play Store encrypt traffic by default and use HTTPS.

“Today, we’re happy to announce that 80% of Android apps are encrypting traffic by default. The percentage is even greater for apps targeting Android 9 and higher, with 90% of them encrypting traffic by default”, — posted by Bram Bonné, Senior Software Engineer, Android Platform Security & Chad Brubaker, Staff Software Engineer, Android Platform Security.

In fact, this means that once the traffic is encrypted, it cannot be intercepted or read by third parties.

In the case of applications developed for the latest versions of Android, this percentage is even higher. So, the company claims that 90% of applications written for Android 9 and higher encrypt traffic by default.

Read also: The influence of mining malware declined by almost 70% during 2019

Google reports that for apps targeting Android 9 and higher, the out-of-the-box default is to encrypt all network traffic in transit and trust only certificates issued by an authority in the standard Android CA set without requiring any extra configuration. Apps can provide an exception to this only by including a separate Network Security Config file with carefully selected exceptions.

Bram Bonné
Bram Bonné

Recall that starting since November 1, 2019, the company demanded that all applications on Google Play, including new ones and updates for existing ones, be oriented to Android 9 and higher. Google believes that this will also have a positive impact, and the pace of TLS implementation will only continue to grow.

“Since November 1 2019, all app (updates as well as all new apps on Google Play) must target at least Android 9. As a result, we expect these numbers to continue improving. Network traffic from these apps is secure by default and any use of unencrypted connections is the result of an explicit choice by the developer”, — writes Bram Bonné and Chad Brubaker in Google blog.

Interestingly, in terms of HTTPS, Google is more successful than Apple. According to a report published in June 2019, only a third of iOS apps use ATS, an encryption technology for network traffic of the app.
[Total: 0    Average: 0/5]
Sending
User Review
0 (0 votes)
Comments Rating 0 (0 reviews)

About Daniel Zimmermann

Daniel Zimmermann has been writing on security and malware subjects for many years and has been working in the security industry for over 10 years. Daniel was educated at the Saarland University in Saarbrücken, Germany and currently lives in New York.

Check Also

Iranian hackers use ZeroCleare

Iranian hackers used new ZeroCleare malware

IBM experts have revealed a new malware ZeroCleare, which created and used Iranian hackers. ZeroCleare …

Leave a Reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.