App Genome Feb 2011

8/3/2019 App Genome Feb 2011

http://slidepdf.com/reader/full/app-genome-feb-2011 1/12

FeaturesAboutBlog

SupportPartner with Us

Sign Up Log In

App Genome Report – February 2011

The App Genome Project is the world’s largest mobile application dataset created to map the anatomy of

mobile applications across multiple mobile platforms and app markets. To date, the project has analyzed morethan 500,000 Android and iOS applications. The App Genome Project was created by Lookout Mobile

Security as an ongoing effort to provide insight into mobile market dynamics, gain insight into how mobileapps access personal data and sensitive capabilities on mobile devices, and identify security threats in the

wild.

Sections:

Platform WarsApp EconomyPersonal InfoAlternative Markets

Highlights

Platform Wars: Growth of Apps in The Android Market Outpaces Apple App Store, but

iOS Still Attracts Far More Developers

The number of apps available on the Android Market increased by approximately 127% since August2010, while the Apple App Store grew at a relative rate of 44%.

If each market continues to grow at the same rate, the Android Market will have more apps than the

Apple App Store by mid-2012.Android Market developers typically release more apps than Apple App Store developers. On averagethe Android Market has 6.2 apps per developer and the Apple App Store has 4.8 apps per developer.

Note, App Genome Project replicates the experience of a U.S. user. For both the Android Market andApple App Store it only accounts for apps available for download to U.S. users.

App Economy: The Android Market is Maturing with Growth in Paid Apps

The Android Market’s prevalence of paid apps increased from 22% in August 2010 to 34% in February

2011, whereas the proportion of paid apps in the Apple App Store decreased slightly during the same

period, going from 71% to 66%.Android Market price points have increased: the proportion of paid Android Market apps costing $0.99or less decreased from 61% in August 2010 to 37% in February 2011.

In terms of advertising within apps, the Google AdMob SDK is integrated into more free apps in boththe Android Market and the Apple App Store than any other ad platform, though iAd is quickly gaining

Genome Report – February 2011 https://www.mylookout.com/appgenome

12 17/03/2011 13:38



traction in the Apple App Store.

Personal Info: Nearly One Third of Apps in Android Market and Apple App Store

Access Users’ Location

The Apple App Store has a higher prevalence of apps with the capability to access contacts andlocation than the Android Market.

28% of all apps in the Android Market and 34% of all free apps in the Apple App Store have thecapability to access location.7.5% of Android Market apps and 11% of Apple App Store apps have the capability to access users’contacts.

Alternative App Markets: Increase Choice of Apps, but Some Have a Higher Propensity

for Security Risks

The App Genome Project analyzed two alternative markets for Android that target Chinese users.While these markets serve a legitimate need for localized apps, they also host pirated and repackagedapps. Nearly 11% of the apps also available on the Android Market were found to be repackaged and

likely submitted by someone other than original developer.Of these repackaged apps, a quarter request more permissions than the original app.

In the case of iOS, alternative markets provide owners of jailbroken devices access to unique or piratedapps. We found that one of the markets we analyzed predominately hosts pirated apps (85%).8% of all paid apps in the Apple App Store were found pirated on one alternative iOS market.

Methodology

The data for this specific report is drawn from the Android Market, the Apple App Store, and four specificalternative markets–two for Android and two for iOS. When analyzing apps available at a particular point in

time, this report considers the most recent version of each application that was available at that point in timeso as not to count updates as separate apps; if an app is unpublished from the market at that point in time, themost recently available version of that app is used. Data gathered from the Android Market and Apple AppStore was analyzed to replicate the experience of a user in the United States; applications are not counted if

they are not available to US users.

When analyzing applications for capabilities and the presence of SDKs, the App Genome Project analyzes binaries for free applications in order to detect the presence of particular types of code. As with any form of

static analysis results, it is important to note that even if a given application has the capability to access a particular type of sensitive data or has a particular SDK present, the application does not necessarily utilizethat capability or the included SDK when run on a device.

top of page

Platform Wars: Android vs. iOS

In support of recent handset shipment data covering Android’s tremendous growth, we found that even

though there are more total apps in the Apple App Store, the Android Market’s relative growth rate is nearly

three times that of the Apple App Store. If each market continues to grow at the same rate, the AndroidMarket will have more apps than the Apple App Store by mid 2012.

The number of apps available on the Android Market increased approximately 127% since August2010, while the Apple App Store grew at a relative rate of 44% [fig1].


12 17/03/2011 13:38



The Apple App Store is still in pole position in terms of total apps— with nearly 350k—by adding 100k new apps in the past 6 months. The Android Market has fewer apps, at nearly 90k, but has addednearly 50k in the last 6 months, more than doubling its size [fig1].

Note, App Genome Project replicates the experience of a U.S. user. For both the Android Market andApple App Store it only accounts for apps available for download to U.S. users.

Fig. 1

The Android Market may be growing at a faster rate than the Apple App Store, but the Apple App Store

continues to attract a significant portion of developers.

The number of unique developers publishing applications in the Android Market and Apple App Storeis growing at a comparable rate for each platform—with Apple slightly in the lead.

The Apple App Store attracted nearly 24k developers between August 2010 and February 2011,whereas the Android Market attracted just over 4k developers in the same time period [fig2].The number of unique developers in the Apple App Store grew by approximately 48% over the past 6months, while the number of unique developers in the Android Market grew by just over 40% [fig2].

The Android Market generally has more apps per developer than the App Store [fig3]. The averagenumber of apps submitted per developer is 6.6 in the Android Market and 4.8 in the App Store [fig3].

Apps Available in Android Market and Apple App Store

Apple App StoreAndroid Market

2010-08-15 2011-02-140k

100k

200k

300k

400k

N u m b e r o f A p p s


12 17/03/2011 13:38



Fig. 2

Fig. 3

Top of page

The App Economy: Who’s Charging for Apps?

Previously, apps in the Android Market have been primarily free; however, over the past 6 months, theAndroid Market has seen an influx of paid apps. In contrast, the Apple App Store has seen an increase in the

proportion of free apps, with prices of paid apps remaining steady.

The Android Market saw its prevalence of paid apps grow from 22% to 34% during the past 6 months[fig4].

The prevalence of paid apps in the Apple App Store decreased from 70% to 66% in the past 6 months

Number of Developers in Android Market and Apple App Store

Apple App StoreAndroid Marke t

2010-08-15 2011-02-140k

20k

40k

60k

80k

N u m b e r o f D e v e l o p e r s

Apps per Developer in Android Market and Apple App Store

>10 Apps6-10 Apps2-5 Apps1 App

Android Market Apple App Store0

100

25

50

75

P e r c e n t a g e o f D

e v e l o p e r s


12 17/03/2011 13:38



[fig4].

Fig. 4

In the Android Market, prices have shifted upwards whereas in the Apple App Store, prices have remained

relatively steady.

More than 95% of paid apps in the Android Market cost less than $10, though the prevalence of apps priced greater than $10 has significantly increased during the past 6 months [fig5].While most Android Market apps are priced at $2.99 or less (73%), the $0.99 or less price point hasseen a major decrease [fig5].

The largest areas of growth in the Android Market are in apps priced between $1-$9.99, with both the$1-$2.99 and $3-$9.99 segments seeing significant growth [fig5].

In the Apple App store, price points have for the most part remained steady [fig6].

Fig. 5

Free vs. Paid Apps in Android Market and Apple App Store

Android - freeAndroid - paidiPhone - freeiPhone - paid

2010-08-15 2011-02-140

100

25

50

75

P e r c e n t a g e o f A p p s

Price of Apps in Android Market

$10.00 or more$3-9.99$1-2.99$0.99 or less

2010-08-15 2011-02-14

0

100

25

50

75

P e r c e n t a g e o f P a i d A p p s


12 17/03/2011 13:38



Fig. 6

top of page

Advertising SDK Integration

In free apps for both the Android Market and Apple App Store, Google AdMob is the most popular ad

platform. The marketshare of advertising SDKs in free apps has remained relatively consistent, with theexception of iAd rapidly gaining traction in free Apple App Store apps. We expect to see iAd surpass AdMobin prevalence amongst free Apple App Store apps during the first half of 2011.

AdMob is the dominant player on the Android Market, being integrated into over 40% of free apps.Amongst free Android Market apps, the AdMob SDK has increased in prevalence from 37% to 41%

over the last 6 months [fig7].AdMob is the incumbent on iOS, being present in 17% of free apps on the Apple App Store [fig8].

iAd may emerge to become the dominant player on iOS, having grown from just 5.6% of free AppleApp Store apps to 15% during the past 6 months [fig8].Please note that the App Genome Project dataset measures prevalence of advertising SDKs in freeapps, some apps including more than one advertising SDK. This report does not measure the reach,

number of ad impressions, or any related measures of mobile ad market share for the advertisingnetworks used by these SDKs.

Price of Apps in Apple App Store

$10.00 or more$3-9.99$1-2.99$0.99 or less

2010-08-15 2011-02-140

100

25

50

75

P e r c e n t a g e o f P a i d A p p s


12 17/03/2011 13:38



Fig. 7

Fig. 8

top of page

Personal Info: What are Apps Accessing?

Close to a third of apps in both the Apple App Store and the Android Market have the capability to accessusers’ location, and, overall, there more are apps in the Apple App Store with the capability to access

location or contact information than the Android Market. While the prevalence of access to sensitive data isstill quite high, both platforms have seen a small decrease in the proportion of apps having the capability toaccess location or contacts over the past 6 months. This trend may be driven by an increased level of developer sophistication and a heightened awareness of privacy concerns amongst both users and developers.

We expect that as developers gain more skill in developing for Android and iOS, there will be fewer

Advertising Prevalence in Android Market

AdMobGoogle AdsMobclixMillenial Media

2010-08-15 2011-02-140

10

20

30

40

50

P e r c e n t a g e o f F r e e A p p s

Advertising Prevalence in Apple App Store

AdMob

iAdMillenial MediaMobclixGoogle Ads

2010-08-15 2011-02-140

5

10

15

20

P e r c e n t a g e o f F

r e e A p p s


12 17/03/2011 13:38



applications that accidentally access personal information and more applications that do so purposefully.

28% of free apps in the Android Market and 34% of free apps in the Apple App Store have thecapability to access location [fig9 and10].

7.5% of free apps in the Android Market and 11% of free apps in the Apple App Store have the

capability to access contacts [fig9 and 10].Over the past 6 months, the prevalence of apps in the Android Market that have the capability to

access location has decreased modestly by approximately 1.6%, while the prevalence of apps having

the capability to access contacts has decreased by approximately 0.6%. In the same time period, the prevalence of free apps in the Apple App Store that have the capability to access location hasdecreased by approximately 2.6% and the prevalence of apps having the capability to access contacts

has decreased by approximately 3.6% [fig9 and 10].

Fig. 9

Fig. 10

top of page

Prevalence of Capabilities in Android Market

Read LocationRead Contacts

2010-08-15 2011-02-145

10

15

20

25

30

35

P e r c e n t a g e o f F r e e A

p p s

Prevalence of Capabilities in Apple App Store

Read LocationRead Contacts

2010-08-15 2011-02-14

5

10

15

20

25

30

35

40

P e r c e n t a g e o f F r e e A p p s


12 17/03/2011 13:38



Alternative App Markets: What Purpose do They Serve?

Currently, there is little data available characterizing alternative app markets for either iOS or Android. Whilethere are a number of alternative app markets for these platforms, this report focuses on results from twospecific alternative app markets for each platform. In analyzing these markets, we seek to understand thedifference between the types of apps available in official and alternative markets and identify risks associated

with downloading apps from them.

Alternative Android App Markets in China: A Prevalence of Repackaged Apps

For Android, we analyzed two alternative app markets that primarily target Chinese users. These marketscontained several categories of apps, ranging from unique apps found only in these markets to pirated

versions of paid apps.

Unique apps represented the largest proportion (61%), likely because these markets address a regionalneed not met through the Android Market [fig 11].Redistributed versions of free apps available in the Android Market make up 36% of the apps in the

two alternative markets [fig 11].

Pirated versions of paid Android Market apps made up only 2% of the apps in the two alternativemarkets [fig 11].

Fig. 11

Looking inside the apps on the alternate markets that also appear for free or paid in the official AndroidMarket (i.e. redistributed and pirated, respectively), we found that some were likely modified by a third party(i.e. repackaged) before being uploaded to the alternate market. Of the repackaged apps, many also

requested access to more permissions than their legitimate counterparts. The additional permissions requested by repackaged apps often include access to location, contact information, phone information (e.g. phonenumber, IMEI, IMSI), Internet access, and the ability to place phone calls. The repackaging of these apps,along with the requests for additional access to sensitive information, is often the effect of a third-party

adding an illegitimate ad network or malicious code having functionality such as making premium rate phonecalls or sending premium rate SMS messages without the user’s knowledge. There have been multiple

instances in the past few months where repackaged apps in alternative Android markets have served as hostsfor malware. The Geinimi Trojan found earlier this year is an example of this.

Nearly 11% of apps in alternative markets that are also available in the Android Market are

Composition of Example Third-Party Android App Sources

Unique – 61.4%

Redistributed – 36.3%

Pirated – 2.3%


12 17/03/2011 13:38



repackaged (i.e. likely modified by a third party). Of the repackaged apps, nearly a quarter requestmore permissions than the original version in the Android Market [fig 12].Over 6% of apps in alternative markets that are also available in the Android Market are pirated. Of

these, approximately 14% request additional permissions than their paid counterparts [fig 12].

Fig. 12

Alternative iPhone Markets: Apps for Jailbreakers

Alternative markets for iOS provide owners of jailbroken devices access to apps not available in the Apple

App Store and, in some cases, to pirated apps as well. This report focuses on data from two alternative appmarkets for iOS devices. The first market primarily hosts pirated apps from the Apple App Store while the

second market focuses on unique apps and libraries not available in the App Store and is primarily targeted at power users. The second market is unique in that it does not have a single catalog of apps, but instead utilizesa variety of user-selectable third-party repositories to supply the packages available for download. Becausesome third-party repositories alter the identifiers of their packages, some applications that are considered

unique may actually be redistributed or pirated versions of apps in the App Store. This report focuses on 26 popular repositories available for this market to get a broad look at this market as each repository may have a

different composition of unique, redistributed, and pirated packages.

85% of the apps in one alternative iOS market were pirated versions of paid apps available in the

Apple App Store. 5% of the apps in this market are offered for free in the Apple App Store [fig 13].8% of all paid apps available in the Apple App store are found pirated in one alternative iOS market[fig13].

Nearly all apps in another iOS market are unique to jailbroken devices [fig 13].

Analysis of Pirated & Redistributed Android Apps

Legitimate – 82.6%

Repackaged – 8.3%

Repackaged + new permissions – 2.7%Pirated – 5.5%

Pirated + new permissions – 0.9%


f 12 17/03/2011 13:38



Fig. 13

Conclusion

Over the past six months there have been major developments in the mobile app ecosystem, particularly dueto the growing and rapidly maturing Android Market. We expect both the Android Market and Apple App

Store to continue growing at a rapid clip, especially given the overall growth of both platforms. As bothdeveloper skill increase and user awareness about private data accessed by apps increase, we expect appdevelopers to more judiciously access it. We also expect to see more consolidation in the number of ad SDKsin the market with some of the smaller players perhaps leaving the market.

Alternative app markets for both Android and iOS exist to fulfill a specific need not covered by officialmarkets. The Android alternative markets meet a regional need not covered by the Android Market, and inthe case of iOS, alternative markets provide owners of jailbroken devices access to unique or pirated apps.While the uses for alternate markets differ, the data indicates a significantly lower degree of curation and

therefore a higher risk of threats. For both Android and iOS, the conclusion is the same: users need to applyextra caution in downloading apps from alternative markets to mitigate the risk of downloading malicious,

pirated or repackaged applications.

As the overall app ecosystem continues to evolve with the addition of new alternative app markets, strategic

moves made by the competing platforms and heightened awareness about the capabilities of the apps on our devices, we expect to see even more dynamic changes in the coming months.

top of page

Recent Security Analysis

Geinimi Trojan Analysis

Android TapjackingMobile Banking Security Flaws

Site Map

Home

Features

Apps Available on Example Alternative iOS App Markets

Unique – 9.6%


Pirated – 85.1%Unique – 99.6%


Pirated – 0%


f 12 17/03/2011 13:38



AboutBlogSupport

Partner with UsLog In

Why Use Lookout?

Security

BackupMissing DeviceManagement

Download Lookout

FreePremium

Available for

AndroidBlackBerryWindows Mobile

About Lookout

Our CompanyLeadership News Room

Careers & JobsSecurity & PrivacyTwitter Facebook

Support

FAQsSupport ForumContact Us

© 2011 Lookout, Inc. All rights reserved. Patents pending. Privacy Policy / Terms


Documents

App Genome Feb 2011