The risks of third-party app stores
Authored by a Symantec employee
Your mother may have told you to never take apps from strangers. No? It’s still good advice, especially when you consider the risks that come with downloading apps from third-party app stores.
The main risk you want to avoid? Downloading a software application from a third-party app store that infects your smartphone or tablet with malicious software.
Such malware could enable someone to take control of your device. It might give hackers access to your contacts, passwords, and financial accounts.
No wonder mom wouldn’t approve.
Here’s what you need to know about third-party apps, third-party app stores, and how to help keep your smartphone and your information safe.
What’s a third-party application?
A third-party app is a software application made by someone other than the manufacturer of a mobile device or its operating system.
For instance, app development companies or individual developers create a lot of applications for Apple’s or Google’s operating systems.
Those manufacturers also create applications for their own devices. In that case, it’s called a first-party or “native” app. But the vast majority of available applications are third-party apps.
Here’s how it works. An email application that comes with your mobile device — likely with the manufacturer’s name on it — would be a native app. If your roommate develops an app that dispenses advice from “mom” for any life situation, that’s a third-party app.
Official app stores vs. third-party app stores
Apple® AppStore and Google Play™ are the two biggest official app stores. You can go there to download mobile applications for your iPhone or Android device.
Each distribution platform includes native applications — the apps Apple built for its iOS operating system and Google built for Android devices.
Both platforms also include third-party apps — millions of them. Developers or companies — third parties, not Apple or Google — create the apps to work on iOS or Android devices.
Are they safe? Third-party apps in the official app stores usually follow strict development criteria. The stores also vet the applications for bad stuff like malware.
Third-party app stores may not apply the same level of scrutiny toward the apps they allow to be listed in their app stores. Still, it can get tricky. Third-party app stores might offer plenty of safe applications. But there’s also a higher chance they might offer dangerous ones.
And those apps can infect your mobile device with malicious codes like ransomware and adware. That’s because the ads or codes can be “injected” into popular apps you might buy through a third-party store.
The stores might sell popular apps for cheaper prices, which may sound appealing. But that bargain buy can put user privacy at risk.
Here are a few examples of sensitive information third-party app stores might extract:
- Phone numbers
- Device information
- Email addresses
Are third-party app stores all the same?
It’s important to keep in mind that not every third-party app store poses the same level of risk.
Google Play isn’t available in all countries, for instance. So, many users in those countries would rely on apps that may be legitimate from another app store.
Here’s one thing third-party app stores have in common: They aren’t restricted — meaning, the operating systems’ owners don’t control them.
App developers often find that lack of restriction attractive. Why? Two reasons:
- They might be able to target their audiences in ways they can’t through official app stores.
- They may get more exposure for their apps in a “niche” market.
You might be tempted to download apps in the third-party stores, but you can’t be sure about them.
What can you do to help stay safe when buying from third-party app stores?
One way to minimize danger from third-party app stores is to avoid them. But, even if you do, it’s also possible to download an app from one of the official app stores and have your device subject to malware.
So how do you keep your device and your personal information safe? It’s part common sense, and it’s part protection.
For instance, it’s a good idea to think twice before downloading an email attachment from a stranger to buy an app. But you can also turn to cyber security products, including Norton Mobile Security, to help protect you.
Norton Mobile Security offers malware protection. It has a feature that scans and removes apps with viruses, spyware, and other threats.
AndroidTM users benefit from App Advisor for Google Play. App Advisor scans apps and provides information before you download in Google Play to your phone. It flags dangers before they can get to your device. It also drills down into issues like an app’s privacy risk, data usage, and battery-life drainage.
Keep in mind, both versions of Norton Mobile Security — iOS and Android — provide protection for your device, in general.
Mobile malware on the rise
Bad apps are out there, and some of them can be found in third-party app stores. The problem isn't going away.
Consider: In 2017, there were 27,000 new mobile malware variants, according to Symantec data. That’s a 54 percent increase over 2016.
You can’t say mom didn’t warn you, unless she didn’t. Either way, she’d want you to stay safe.
Learn more about Norton Mobile Security or download it from an app store now.
Editorial note: Our articles provide educational information for you. Norton LifeLock offerings may not cover or protect against every type of crime, fraud, or threat we write about. Our goal is to increase awareness about cyber safety. Please review complete Terms during enrollment or setup. Remember that no one can prevent all identity theft or cybercrime, and that LifeLock does not monitor all transactions at all businesses.
Norton by Symantec is now Norton LifeLock. LifeLock™ identity theft protection is not available in all countries.
Copyright © 2019 Symantec Corporation. All rights reserved. Symantec, the Symantec logo, the Checkmark logo, Norton, Norton by Symantec, LifeLock and the LockMan logo are trademarks or registered trademarks of Symantec Corporation or its affiliates in the United States and other countries. Firefox is a trademark of Mozilla Foundation. Android, Google Chrome, Google Play and the Google Play logo are trademarks of Google, LLC. Mac, iPhone, iPad, Apple and the Apple logo are trademarks of Apple Inc., registered in the United States and other countries. App Store is a service mark of Apple Inc. Microsoft and the Windows logo are trademarks of Microsoft Corporation in the United States and/or other countries. The Android robot is reproduced or modified from work created and shared by Google and used according to terms described in the Creative Commons 3.0 Attribution Licence. Other names may be trademarks of their respective owners.