Skip to main content
        • Products

          Q-Scout

          Leading edge mobile device security delivering dynamic, actionable intelligence for fleet-wide protection applications

          Q-MAST

          Comprehensive testing for developers who build, use, and manage mobile applications

          Q-Vet

          Mobile app vetting for curated and enterprise managed app stores

        • Solutions by Want

          Mobile Application Security Testing

          Advanced analysis utilizing static, dynamic & interactive analysis of Android and iOS mobile applications

          BYOD

          Secure devices connecting to the enterprise network in the work and live anywhere world

          App Vetting

          Transparent and high-confidence results using pass/fail security evidence

          End Users

          Airtight digital security that empowers you to make informed decisions on what apps you do and do not give access to

          Regulatory Compliance

          Automated compliance testing for the latest privacy and security standards

        • Untitled Document

          All Resources

          Blogs

          The latest industry news in cybersecurity’s ever-evolving landscape

          Newsroom

          Press releases, news stories and media highlights from Quokka

          Webinars

          Videos and content where you can learn about the latest threats, trends and issues in cybersecurity

          Whitepapers

          Insights and helpful assets for exploring cybersecurity and digital security

        • Datasheets

          An in-depth description of Quokka solutions

          Technical Papers

          Deep dive into cybersecurity topics and technical papers discovered by Quokka

          Use Cases

          Detailed overview of how Quokka solutions solve real-world pain points

          Partners

          Learn more about Quokka’s technology partners

        • Company

          Careers

          There are jobs - and then there is a career at Quokka

          Industries

          Solutions designed for security needs of your organization

          Leadership

          Quokka’s global management team comprised of security experts and industry leaders

  • Support

Quokka Publishes the Shopping App “Nice List” for the 2022 Holiday Season

Quokka Publishes the Shopping App “Nice List” for the 2022 Holiday Season

Research Test Reveals the Shopping Apps that Pose the Least Security and Privacy Risks

Research Test Reveals the Shopping Apps that Pose the Least Security and Privacy Risks

Monday, November 28, 2022 – McLean, VA, United States – Quokka, Inc., a mobile security and privacy solutions company, today announced the publication of its 2022 Mobile Apps Nice List showcasing what it considers the most trustworthy Android mobile apps available to end-users this holiday season. Results of Quokka testing reveal Society6, Madewell, Lucky Supermarket, Brad’s Deal and Stripe Dashboard appear to be the safest shopping apps and pose the lowest threat to end-users privacy and digital safety.

According to Insider Intelligence, the forecast for mobile commerce for 2022 holiday sales will hit $116.98 billion, or 46.9% of overall e-commerce sales. Making a safe and secure mobile process a must-have for Holiday shoppers.

“Quokka strives to deliver trusted and secure solutions that give end users the power of peace of mind by helping expose security gaps before threats can cause damage,” said Chris Gogoel, Vice President of Program and Product Management. “In that spirit of goodwill, we wanted to focus on the positive and share with users which apps received our Quokka Secure seal of approval for exhibiting the fewest software weaknesses and least likely to impact your personal privacy.”

The 2022 Mobile Apps Nice List

With more people relying on mobile apps this holiday season to deliver their gifts, Quokka tested across five categories. The apps listed here had the lowest Android threat scores in their category, and are deemed Quokka Secure.

Boutique Apps:

  1. Society 6
  2. Etsy
  3. Sell on Folksy
  4. Poshmark
  5. Zazzle

Of the Boutique Mobile Apps scanned, the average threat score was 25 with the most common threat being apps asking for more permissions than they needed to perform their core functions.

Big Brand Clothing:

  1. Madewell
  2. Victoria’s Secret
  3. PacSun
  4. American Eagle/Arie
  5. Nordstrom

Of the Big Brand Clothing Apps scanned, the average threat score was 31 with the most common threat being the lack of a runtime app security protection (RASP) solution.

Digital Wallets & Payments:

  1. Stripe Dashboard
  2. Xoom Money Transfer
  3. Remitly: Send Money & Transfer
  4. Wise
  5. Wallet Cards | Digital Wallet

Of the Digital Wallet Mobile Apps scanned, the average threat score was 56, with most threats being low or medium risk to end users. The most common privacy finding is that the apps share information about the user or app behavior with social networks.

Big Box Retailers:

  1. Lucky Supermarket
  2. Whole Foods Market
  3. Rite Aid
  4. Toys “R” Us
  5. Bed Bath & Beyond

Of the Big Box Retailer Mobile Apps scanned, the average threat score was 32, with medium to low risk to end users. The most common privacy finding is tracking user behavior in their app with a third party tracking service.

Discount and Deal Giver Apps:

  1. Brad’s Deals
  2. Zulily
  3. DealNews
  4. Capital One Shopping
  5. Rakuten

Of the Discount and Deal Giver Mobile Apps scanned, the average threat score was 34. The two most common privacy findings were tracking user behavior in the app with a third party tracking service and sharing user or app information with social networks.

How To Stay Safe This Holiday Season

  • Mind Your Permissions: Some mobile apps ask you for permission to access your camera, calendar, location, and other data that may not be necessary to the task at hand. The more permissions you grant, the more potential points of weakness you create, so be mindful of which apps require which permissions – and grant them judiciously.
  • Practice Good Hygiene: Be sure to change your application passwords regularly, or use an encryption service that automatically creates and stores strong passwords. Where possible, enable 2-Factor authentication (2FA) to create an extra layer of verification when people log into your account on a new or not recently-used device.

Methodology

Using Q-Vet, Quokka’s proprietary, industry-leading Mobile Application Security Technology (MAST) solution, Quokka was able to assign popular mobile applications a Threat Score factoring uncovered Security Risks and Privacy Risks. Q-Vet is used by organizations worldwide to proactively identify security and privacy vulnerabilities in mobile device applications without violating end user privacy in the process.

For more information visit our blog or view our fireside chat.

About Quokka, Inc.

The world of digital security is ready to evolve beyond distrust. We want less fear, and more peace of mind: less worry, and more confidence. Meet Quokka (formerly Kryptowire), a different kind of digital security and privacy company. Our proactive, light-touch solutions put users and their privacy first, helping people, teams, and enterprises around the world take back control of their digital security privacy in the new work and live anywhere world. Join us in being Quokka Secure.

Please visit www.quokka.io or connect with us on LinkedIn and Twitter (@Quokka_io) for more information.

Media Contact
[email protected]

Leave a Reply

Close Menu