A new report from fraud prevention vendor iovation also shows a higher rate of risky transactions on mobile web sites than in mobile apps.
When comparing mobile application transactions, fraud prevention vendor iovation Inc. found apps in Android’s operating system are four times more likely to generate high-risk transactions that Apple’s iOS.
“This seems to support the industry consensus that iOS is a safer environment than Android, although no mobile device is completely risk-free,” the report says.
Iovation’s 2014 Mobile Fraud report break down the fraud risks across mobile devices and operating systems, identifying the risk for each operating system as well as the most common types of fraud. The report is based on data from iovation’s clients, which includes data from nearly 2 billion devices and 17 million confirmed instances of fraud and abuse. Iovation defines a high-risk transaction as an interaction—such as downloading an app or purchasing a product from a mobile app—that had been denied or flagged for review.
On Android devices, 0.41% of transactions on mobile web sites were considered high risk and 0.32% of transactions coming from mobile apps. On Apple devices, 0.28% of transactions on mobile web sites were considered high risk and just 0.08% of mobile app transactions.
When looking at operating systems, Apple’s iOS has the lowest risk of high-risk transactions with just 3% on the iPhone and 2% on the iPad. Devices using the Android operating system had a 4% risk of fraud, the report found. Devices using Windows, BlackBerry or other operating systems had a 6% risk of fraud.
Across Android devices, iPhones and iPads, the most common type of fraud was credit card fraud. Android devices followed that with inappropriate content, promotion abuse, spam and account takeover. For iPhones, the second most common type of fraud was spam, followed by identity theft, inappropriate content and account takeover. On iPad, the second most common type of fraud was also spam, followed by inappropriate content, promotion abuse and account takeover.