Hacker-Friendly Android Apps

SAP Guest

 By Sebastian Nikoloff

Researchers taking a close look at 100 Android apps were able to hack into 41 of the programs to obtain credit card data and sensitive log-in information. 


Some Android apps simply make it easy for attackers: Researchers at the Universities of Marburg and Hamburg examined 13,500 apps that are available on the Google Play platform. Of the programs they studied, eight percent proved vulnerable to a “man in the middle” attack. This involves a hacker pretending to be the communication partner and intercepting communication between the app and a server. This effectively circumvents the encryption mechanism that is in place via SSL or TLS.

 Android apps are especially vulnerable

One hundred apps of the apps were selected for further study. According to the researchers, it was possible to obtain credit card data as well as sensitive log-in data for Facebook, WordPress, Twitter, and Google accounts from 41 of these programs. In some cases, external access even extended to the server or communication software like IBM Lotus Sametime.

The apps the researchers hacked were not announced, but they include several popular apps that have more than 185 million installations. Especially dangerous: Half of users can’t say whether their data is encrypted or not. In comparison to Apple’s strictly sealed off App Store, Google Play is conceived of as an open platform. The vulnerability of Android apps, therefore, doesn’t surprise the researchers.



awareness , News

Recommended for you:

13 Scary Statistics On Employee Engagement [INFOGRAPHIC]

Jacob Shriar

There is a serious problem with the way we work.

Most employees are disengaged and not passionate about the work they do. This is costing companies a ton of money in lost productivity, absenteeism, and turnover. It’s also harmful to employees, because they’re more stressed out than ever.

The thing that bothers me the most about it, is that it’s all so easy to fix. I can’t figure out why managers aren’t more proactive about this. Besides the human element of caring for our employees, it’s costing them money, so they should care more about fixing it. Something as simple as saying thank you to your employees can have a huge effect on their engagement, not to mention it’s good for your level of happiness.

The infographic that we put together has some pretty shocking statistics in it, but there are a few common themes. Employees feel overworked, overwhelmed, and they don’t like what they do. Companies are noticing it, with 75% of them saying they can’t attract the right talent, and 83% of them feeling that their employer brand isn’t compelling. Companies that want to fix this need to be smart, and patient. This doesn’t happen overnight, but like I mentioned, it’s easy to do. Being patient might be the hardest thing for companies, and I understand how frustrating it can be not to see results right away, but it’s important that you invest in this, because the ROI of employee engagement is huge.

Here are 4 simple (and free) things you can do to get that passion back into employees. These are all based on research from Deloitte.

1.  Encourage side projects

Employees feel overworked and underappreciated, so as leaders, we need to stop overloading them to the point where they can’t handle the workload. Let them explore their own passions and interests, and work on side projects. Ideally, they wouldn’t have to be related to the company, but if you’re worried about them wasting time, you can set that boundary that it has to be related to the company. What this does, is give them autonomy, and let them improve on their skills (mastery), two of the biggest motivators for work.

Employees feel overworked and underappreciated, so as leaders, we need to stop overloading them to the point where they can’t handle the workload.

2.  Encourage workers to engage with customers

At Wistia, a video hosting company, they make everyone in the company do customer support during their onboarding, and they often rotate people into customer support. When I asked Chris, their CEO, why they do this, he mentioned to me that it’s so every single person in the company understands how their customers are using their product. What pains they’re having, what they like about it, it gets everyone on the same page. It keeps all employees in the loop, and can really motivate you to work when you’re talking directly with customers.

3.  Encourage workers to work cross-functionally

Both Apple and Google have created common areas in their offices, specifically and strategically located, so that different workers that don’t normally interact with each other can have a chance to chat.

This isn’t a coincidence. It’s meant for that collaborative learning, and building those relationships with your colleagues.

4.  Encourage networking in their industry

This is similar to number 2 on the list, but it’s important for employees to grow and learn more about what they do. It helps them build that passion for their industry. It’s important to go to networking events, and encourage your employees to participate in these things. Websites like Eventbrite or Meetup have lots of great resources, and most of the events on there are free.

13 Disturbing Facts About Employee Engagement [Infographic]

What do you do to increase employee engagement? Let me know your thoughts in the comments!

Did you like today’s post? If so you’ll love our frequent newsletter! Sign up here and receive The Switch and Shift Change Playbook, by Shawn Murphy, as our thanks to you!

This infographic was crafted with love by Officevibe, the employee survey tool that helps companies improve their corporate wellness, and have a better organizational culture.


Recommended for you:

Supply Chain Fraud: The Threat from Within

Lindsey LaManna

Supply chain fraud – whether perpetrated by suppliers, subcontractors, employees, or some combination of those – can take many forms. Among the most common are:

  • Falsified labor
  • Inflated bills or expense accounts
  • Bribery and corruption
  • Phantom vendor accounts or invoices
  • Bid rigging
  • Grey markets (counterfeit or knockoff products)
  • Failure to meet specifications (resulting in substandard or dangerous goods)
  • Unauthorized disbursements

LSAP_Smart Supply Chains_graphics_briefook inside

Perhaps the most damaging sources of supply chain fraud are internal, especially collusion between an employee and a supplier. Such partnerships help fraudsters evade independent checks and other controls, enabling them to steal larger amounts. The median loss from fraud committed
by a single thief was US$80,000, according to the Association of Certified Fraud Examiners (ACFE).

Costs increase along with the number of perpetrators involved. Fraud involving two thieves had a median loss of US$200,000; fraud involving three people had a median loss of US$355,000; and fraud with four or more had a median loss of more than US$500,000, according to ACFE.

Build a culture to fight fraud

The most effective method to fight internal supply chain theft is to create a culture dedicated to fighting it. Here are a few ways to do it:

  • Make sure the board and C-level executives understand the critical nature of the supply chain and the risk of fraud throughout the procurement lifecycle.
  • Market the organization’s supply chain policies internally and among contractors.
  • Institute policies that prohibit conflicts of interest, and cross-check employee and supplier data to uncover potential conflicts.
  • Define the rules for accepting gifts from suppliers and insist that all gifts be documented.
  • Require two employees to sign off on any proposed changes to suppliers.
  • Watch for staff defections to suppliers, and pay close attention to any supplier that has recently poached an employee.

About Lindsey LaManna

Lindsey LaManna is Social and Reporting Manager for the Digitalist Magazine by SAP Global Marketing. Follow @LindseyLaManna on Twitter, on LinkedIn or Google+.


Recommended for you:

Why New Technology Has An Adoption Problem

Danielle Beurteaux

When 3D printing became a practical reality, in the sense that the actual printers became more efficient, less expensive, and more accessible to the average consumer, there was an assumption that the consumer 3D printing market was going to take off. We’d all have printers at home printing…. what? Our clothes? Toys? Spare organs?

That has yet to happen. 3D printing company MakerBot just went through its second employee layoff this year, driven by a market that’s developing much slower than predicted.

That same thinking is in play with a somewhat more prosaic technology – digital wallets. Apple Pay was released this year, as was Samsung Pay. There’s also Google’s Android Pay. During an earnings call, Apple CEO Tim Cook said: “We are more confident than ever that 2015 will be the year of Apple Pay.” But that expectation has yet to be realized, at least vis-à-vis consumers.

Consumers aren’t using any of the digital wallets en masse. According to Bloomberg, payments made via mobile wallets – all of them – make up a mere 1% of retail purchases in the U.S. The reason is that consumers just don’t see a compelling reason to use them. There’s no real reward for them to change from SOP.

Both these instances highlight a problem with assumptions about mass adoption for new technology – just because it’s cool, interesting, and accessible doesn’t mean a market-worthy mass of people will use it.

Who is more likely to use mobile wallets? Emerging economies without a stable financial and banking systems. In those environments, digital payments present a more secure and quicker method for purchasing. These are the same areas where mobile adoption leapfrogged older technologies because there was a lack of telecommunications infrastructure, i.e. many never had a landline phone to begin with, and they went directly to mobile. The value-add already exists. (But there are also security issues, to which consumers are becoming more sensitive. A hack of Samsung’s U.S. subsidiary LoopPay network was uncovered five months post-hack. Although one was expert quoted as saying the hackers may not have been interested in selling consumer financial info but instead in tracking individuals.)

Here’s some interesting data and a good point made: mobile payments are most popular in situations where the buyer already has his or her phone in hand and the transaction is made even quicker than swiping plastic. For example, purchases made for London Transit rides are responsible for a good portion of the U.K.’s mobile payments.

Mass technology adoption is no longer driven simply by the release of a new product. There are too many products released constantly now, the market is too diverse, and the products often lack a true raison d’être.

Learn more about how creative and innovative companies are finding their customers. Read Compelling Shopping Moments: 4 Creative Ways Stores Connect With Their Customers.


Recommended for you:

Five Reasons Why Social Collaboration Should Be Part Of Your Digital Transformation

Daisy Hernandez

Digital collaboration technology has revolutionized how we communicate and live our lives. The digital network – powered by search, social, and gamification technologies – has enabled the easy and rapid sharing of knowledge globally. Now it is easy to communicate and collaborate with others no matter their location, time zone, or geography.

In a business context, these same technologies are powering benefits across an organization. By connecting business areas, vital information needed to make critical decisions is no longer siloed and disjointed. Add to this the ability to incorporate business data, and decisions are now not only made collaboratively, but are informed by the latest business-critical information and data, whether it is back-end customer or financial data. This is where the real business benefits start to emerge.

Gartner predicts that 50% of large organizations will use internal social networks resembling Facebook by 2016. Thirty percent of these technologies will be considered to be as essential as email and telephones. Digital transformation is underway, and by using collaboration technology with integrated business data, businesses are starting to see staggering benefits.

Social collaboration: Going beyond information sharing

One of the most well-known benefits of social collaboration in a corporate environment is faster and tighter alignment during a project or process. However, a recent study conducted by Forrester Consulting indicates that the advantages run deep, and run throughout the enterprise. The following are five business benefits collaboration can deliver to your business today.

  1. Boost win rates and accelerate the sales cycle. The average sales deal requires a team effort, with individuals and knowledge that live outside the sales department. A Web-based network, accessible through any device, helps win new business and generate more revenue. By pulling expertise, information, and customer data together in one place, sales reps are able to collaborate within and outside of their organization to respond more quickly and accurately to incoming customer questions and needs.
  1. Improve the quality of onboarding and speed new hires’ time to productivity. Social solutions bring together people from across the organization as they collaborate on projects or teams. When a new hire joins the company, this community enables quick ramp-up as the new hire is able to quickly locate and connect to the experts and information they need to complete their job responsibilities. Add to this the fact that this solution houses the collective genius and lessons learned of the organization, and the result is a dynamic, continuous learning culture.
  1. Deliver unparalleled customer experience – every time. Whenever you can provide anyone on the front lines with the full customer story, everyone wins. Knowledge networks ensure that no matter who is interacting with the customer, they have the complete picture. Integrating backend data with real-time collaboration ensures that they are prepared with the latest data at their fingertips to understand the status of a current or prospective customer. For the customer, this means a seamless experience that is always informed, relevant, and meets their needs.
  1. Support business processes that are truly efficient, transparent, and accessible 24×7. Whether you are involved in marketing, IT, finance, or supply chain operations, it is not uncommon for employees to get lost in email chains and outdated spreadsheets and reports. If the ability to collaborate resides in a central location, existing business processes can be improved and supported. More important, taking this network into the mobile world helps ensure that employees have the information they need any time and anywhere.
  1. Create a future of work that appeals to young talent. Knowledge networks can be a cultural tool that not only serves the business, but also answers the needs of our youngest talent. For Millennials, operating in a digitally connected world is a normal part of life – and they could not imagine anything different in their workplace. In the Forrester report, one hiring manager stated, “Millennials would not like to work at [a] company that doesn’t have a collaboration tool. It’s unimaginable — we can’t hire without it.” Could you? Most likely not.

Now you can be part of shaping how organizations adopt and find value in social collaboration technology. Tell us what obstacles you are facing and the benefits you are reaping by taking part in this survey to help SAP develop our future perspective on social collaboration and how it affects us all as employees, managers, and businesses.


Recommended for you: