262 Category: Mobile and Wireless Computing

Mobile App Stores M

Michael Curran Letterkenny Institute of Technology, Ireland

Nigel McKelvey Letterkenny Institute of Technology, Ireland

Kevin Curran University of Ulster, School of Computing and Intelligent Systems, Northern Ireland

Subaginy Nadarajah University of Ulster, School of Computing and Intelligent Systems, Northern Ireland

INTRODUCTION Google Play store reached 1 million apps published and over 50 billion downloads. Apple to date, it has Applications stores such as Apples (App store) and handled over 15 billion app downloads. Apple takes Androids Google Play (formally known as the Market- 30 percent of all revenue generated through apps while place) are online stores where customers can purchase 70 percent goes to the app publisher. and download thousands of different mobile applica- Application stores are cloud-based markets in tions otherwise known as apps to use on their mobile that users can access the content through most web devices such as a handheld mobile device. These are devices e.g. iPod, iPad, tablet, Xbox or Smartphone also known as digital distribution platforms for ap- (Hollister, 2014). Apps are extremely popular among plications for popular mobile operating systems and Smartphone users, and are developed for thousands online electronics and digital media stores, operated of different uses including weather, budgeting, gam- by both Apple and Google. The services allows users ing, and others. The iPad and iPhone can be credited to browse and download applications developed with with the subsequent success of these app stores. The the Android & iOS SDKs as well as music, magazines, smart move made by Apple was to insist on a credit books, movies, and television programs. Users can also card being input into each device upon setup. This purchase hardware, such as headphones, iPods, iPhones, simple move encouraged a previously hesitant public iPads, ChromeBooks, Google Nexus-branded mobile to trust a device with their credit card details. It also devices, Chromecasts, and accessories, through both helped that subsequent purchases were carried out by stores. Applications are available either free of charge simply entering a password. The password also suf- or at a cost. Android apps can be downloaded directly ficed within a fifteen minute period. This has led to to an Android or Google TV device through the Play controversy however. Store mobile app, or by deploying the application to a In early 2014, Apple announced that it was refunding device from the Google Play website. App store apps over £20m sterling to customers whose children made can be downloaded to iPod, iPhone and iPad devices. in-app purchases without their permission when using Many applications can be targeted to specific users the parents’ iPhones or iPads. Apple was forced to reach based on a particular hardware attribute of their device, a settlement with the US Federal Trade Commission such as a motion sensor (for motion-dependent games) (FTC). It was the FTC who made the complaint that or a front-facing camera (for online video calling). Apps many of Apple’s child-friendly apps offered virtual can either be downloaded at a cost or downloaded for goods and other chargeable items within the apps. free. According to the Nielsen Company (2011), “The In truth, before the final ruling, Apple in 2013 had most commonly known apps that are used are Facebook, emailed just over 28 million of its customers to solicit weather channel and Google maps.” In July 2013, the their complaints. It received 37,000 claims, which it

DOI: 10.4018/978-1-4666-5888-2.ch561

Copyright © 2015, IGI Global. Copying or distributing in print or electronic forms without written permission of IGI Global is prohibited. Category: Mobile and WirelessMobile AppComputing Stores

refunded (Walker, 2014). Despite setbacks like this levels of innovation and having a very positive impact however, the app stores for both Apple and Google on the rest of the mobile industry. M are becoming real “cash cows.” Apps allow customers to interact with the world, get information, social communication such as Facebook BACKGROUND or Google+ (Islam et al. 2010). Many mobile devices come preloaded with apps. E.g. Gowalla, Foursquare, The arrival of app stores has come through the arrival of Facebook or Google + which can allow users to share mobile devices for consumers. Mobile devices are out link posts with their friends. People can use messen- numbering PC’S and laptops around the world. Apps ger for chatting or make a low cost call using VoIP are simply becoming more beneficial for businesses to applications. The use of GPS can be used to provide reach their consumers. Now a days when a car breaks crucial location awareness for apps, road navigation, down and a person does not have breakdown insurance, and/or vehicle tracking (Hornyack et al., 2011; Kim they simply reach for their mobile, type “car breakdown” et al., 2008). or “garage” and the nearby listed breakdown services When using mobile applications for business we can will appear. Those who advertise on Google are more view product information, select and order a product. likely to get that new temporary customer. We can also use a mobile application such as “Google In general, mobile industries have two main services Wallet” for payments through a mobile device without which are voice and messaging. However with both using a credit card. Mobile banking and eTicketing are of these services are seeing revenues falling. This has other features becoming popular on mobiles. Some- been expected in the mobile industry and is a reason times we can use mobile apps for controlling a home behind the quest for the killer app. Ringtones becoming device from a remote location for example connecting popular between 2004 and 2006 showed the mobile to a home PC from a remote location in a train or car industry an insight into what content a customer might (Lange et al., 2011). We can watch videos and mov- demand on mobiles devices. But this demand became ies from YouTube using an app. As a rule of thumb a fad, and the popularity of ringtones began to decline. currently, games are the most popular categories of Many mobile service providers are still trying to emulate apps for mobile applications with approximately sixty the success of the ringtone downloads. percent reporting using a game app in a 30 day period. Video and mobile TV were among some of the Weather apps are the next most popular category with services previously hailed as the next killer app, but the the Weather Channel being the top weather app. Social content and service market had been in a state of decline media apps are next with Facebook & Instagram being until the industry was reinvigorated by the arrival of very popular. Other popular apps are Google Maps, the app store in the summer of 2008. The app store was Spotify and Vine. easy to navigate with an iPhone or iPad. The app store People are using mobile devices increasingly to do presented content in a clear and orderly manner that daily tasks like checking email more so than using say immediately highlighted the fundamental flaws previ- a laptop or desktop (Nielsen, 2011).. The use of mobile ously demonstrated by operator portals in particular. VOIP has resulted in people making long distance calls User reviews and ratings, trials and the visualisation more cheaply. More and more are switching to view- of available content provides users with the finest ing content on a mobile device (Grace et al., 2012). purchasing experience on mobile (Webpagefx, 2011). The apps of course to facilitate all this come from the There is over 20 content categories available on the respective app stores. A common pricing model now App Store, ranging from games, entertainment, music is the freemium model. This is where the app itself is and social networking. According to (Khanna, 2009) free to download and use but to get additional features, one has to pay to unlock those features. Most games ..the App Store has delivered new hope to the developer are moving to the freemium model as a result and it is community, providing an opportunity beyond the estab- a powerful strategy. lished content producers and publishers, and opening the door for “garage developers”. This is spurring new

263 Category:Mobile App Mobile Stores and Wireless Computing

APPLE AND GOOGLE the world’s leading search provider, (Felt et al., 2011). Unlike Apple’s iPhone, where the hardware and operat- M Different mobile operating systems are provided by ing system is exclusively an Apple product, Android different mobile companies with their own mobile ap- handsets are manufactured for use with the Android plication market. Since the release of the first iPhone in OS by HTC, Samsung, Motorola, and others. The first 2008 and following the opening of the apple app store, Android tablet, the Motorola Xoom, was released in content producers have had an ever-growing number of February 2011. Google’s Android OS has gained some options for delivering their content to consumers. Each traction in the Smartphone market, but Android-based of the major platforms has strengths and weaknesses, tablets have lagged far behind the immensely popular and the choice of which device and market to focus on iPad. The Kindle fire and Google Nexus are examples can have a significant impact for companies wishing of popular Android devices. to deliver their content digitally (Enck et al., 2009). Though Android-based Smartphone users are App providers also have the choice of developing na- expected to outnumber iPhone, they are less active in tive apps for each platform or a platform independent app downloads, and Android’s market share of app responsive app which renders in a similar manner on revenues remains small. This can be attributed in part each platform. There are less ‘powerful’ features avail- to the higher proportion of free apps on the Android able when developing a more generic app but the costs Market – 67% of all Android apps are free, compared are reduced significantly. A popular multi-platform to only 37% distributed through Apple’s App Store. The tool is phone gap which allows developers to create Android Market follows a similar structure for develop- a single code base which can be deployed on various ers as Apple’s App Store, with the developer taking mobile device operating systems later. 70% of the price of the app, and various intermediaries, The Apple App Store for serving the iPad, iPhone, such as mobile phone carriers, the remaining 30%. For and iPod line of devices, has the largest market share Amazon tablets like the Kindle Fire, apps can also be of any app provider. Apple’s iPad dominates the tablet purchased through the Amazon App Store for Android. market as well. According to Monarch Media (2012)

About 80% of tablets sold in 2011 were iPad2s, and SMARTPHONE VULNERABILITIES 97.2% of tablet-driven Internet traffic came from iPad users. Apple’s App Store made its debut in July 2008, Smartphone vulnerabilities include a large attack creating the world of third-party app publishing for surface, thanks to the numerous protocol connections mobile devices. From just 500 third-party applications such as WiFi, SMS, MMS, GPS, cell radio, email, at its launch, the number of apps has grown to more Web and USB. Unfortunately, you cannot reduce this than 500,000, with tens of billions of apps downloaded attack surface, because the connections are what give overall. the device its value. Other factors making smartphone use susceptible to attacks include the arrival of mal- For an app to publish in the App Store, apps must ware on the app stores. At the same time, the smaller, be approved by Apple and are tested for reliability lower-accuracy keyboards on mobile devices have a and content. Once approved, the developer sets the negative impact on authentication, he says: A secure, price of the app and takes a 70% share of sales, with 10-character password that is easily entered on a desktop the remaining 30% going to Apple. This has not been with 11 or so keystrokes can take 25 key-presses on a without controversy but developers have little recourse small-keyboard smartphone. to move elsewhere particularly in the case of Apple. There is also the problem of a lost or stolen smart- Apple also have strict testing procedures on apps phone. If it is not protected with a PIN, then it takes submitted for inclusion in the app store. It can be a little effort to access the data on the device. Even in the tedious procedure for some developers to eventually cases where the device is password-protected, it may become approved. still be possible to gain access to its data by exploiting Google entered the Smartphone market with its first other system vulnerabilities. Android tends to be more Android device in October 2008 after many years as vulnerable than iOS. A survey in 2012 found that more

264 Category: Mobile and WirelessMobile AppComputing Stores

than half of all Android devices were running a ver- There is also a move towards bringing larger screen, sion of the operating system that was over 18 months more powerful, devices to the market which double as M old. Many times, updates are not pushed over-the-air a smartphone and a tablet. This year at the Consumer (OTA) so users are required to go to support websites, Electronics Show (CES) in Las Vegas, many of the download and unzip packages, manually backup their major mobile manufacturers showed off smartphones data, and spend time going through painful processes with 6 inch+ displays. These are known as phablets. to get the latest updates. You can imagine that only There is also the worry that the fragmentation issues true geeks are going to do this. which mobile platforms are facing will get worse each It is a worry because increasingly people are using year as new devices hit the shelves with their various smartphones for online banking and shopping and stor- implementations and operating systems therefore the ing other sensitive information. Yes corporations are actual cost of rolling out an app across multiple devices forcing encryption on users who wish to connect to the can dramatically increase for all involved (Enck et al., email server but not all are doing this yet. We need to 2011). In reality, a small number of software houses start viewing these devices with the same scrutiny as like Rovio, the creators of the game Angry Birds, take applied to normal desktop computers and laptops. All the lion’s share of the profits. Being showcased in software has vulnerabilities and the Android code is no the top charts by Apple or Google is crucial to being more vulnerable than Apple iOS or any other operating successful. That is unlikely to change anytime soon. system so the real issue is what happens when a flaw is discovered. The quicker a software update can be distributed, the more secure that phone becomes. The CONCLUSION longer a device remains outdated with known vulner- abilities, the greater the risk. A first rule of reaming The trend towards mobile does not look like coming to safe online is to update once updates appear. It simply an end anytime soon. Even Windows is being changed makes it much harder for the hacker. to suit the tablet market. App stores are the cornerstone of the mobile world. Here is where all purchases are made. All software in the future is expected to reside FUTURE RESEARCH DIRECTIONS solely in app stores. There may always be controver- sies about exploitation of young people through the in With Apple’s current market dominance and active, game app purchase where parents are ignorant to the established user base, it is a more tempting market for subsequent purchases but that may also be overcome app developers. Android devices, however, are gaining as in app purchasing becomes a part of life. a steadily larger market share and Android devices Quite simply, most people are using mobile applica- are by far the most popular in lower-income brackets. tions instead of pc’s to do simple tasks such as check- Thanks to a robust app developer community and a ing emails, posting to social media site and browsing growing number of cross-platform developer tools TV programmes. Many of the software development that enable content producers to more easily create houses are moving towards applications development apps for multiple mobile operating systems, there is as the market simply demands it and more and more clearly wisdom in developing and delivering content web services support it. on more than one platform. HTML5 is a technology standard which aims to remove the platform dependence of earlier web pages. HTML 5 is the latest iteration REFERENCES of the Hyper Text Mark-Up language (HTML) which underpins every webpage. Booz & Company. (2010). The Rise of Mobile Ap- It can be difficult to predict the future. The Win- plication Stores Gateways to the World of Apps. dows App store continues to also steadily increase the Retrieved from http://www.booz.com/media/uploads/ number of apps arriving and the arrival of the tablet The_Rise_of_Mobile_Application_Stores.pdf friendly Windows 8 operating system may slowly start to eat into Apple and Android market share.

265 Category:Mobile App Mobile Stores and Wireless Computing

Enck, W., Octeau, D., & McDaniel, P. (2009). On Lange, M., Liebergeld, S., & Lackorzynski, A. (2011). Lightweight Mobile Phone Application Certification. In Android: A Generic Operating System Framework M Proceedings of the 16th ACM Conference on Computer for Secure Smartphones. In Proceedings of the 1st and Communications Security, CCS ’09. Workshop on Security and Privacy in Smartphones and Mobile Devices, CCS-SPSM’11. Enck, W., Octeau, D., McDaniel, P., & Chaudhuri, S. (2011). A Study of Android Application Security. In Nielsen. (2011). The State Of Mobile Apps http://blog. Proceedings of the 20th USENIX Security Symposium, nielsen.com/nielsenwire/wp-content/uploads/2010/09/ USENIX Security ’11. NielsenMobileAppsWhitepaper.pdf

Felt, A., Chin, E., Hanna, S., Song, D., & Wagner, D. Walker, T. (2014). Apple will pay parents £20m over in- (2011). Android Permissions Demystied. In Proceed- app purchases. The Independent. Retrieved on January ings of the 18th ACM Conference on Computer and 15, 2014 from http://www.independent.co.uk/life-style/ Communications Security, CCS ’11. gadgets-and-tech/news/apple-will-pay-parents-20m- over-inapp-purchases-9062723.html Grace, M., Zhou, Y., Wang, Z., & Jiang, X. (2012). Systematic Detection of Capability Leaks in Stock Webpagefx. (2011). A History of App Stores: Apple, Android Smartphones. In Proceedings of the 19th An- Google, and Everyone Else. Retrieved from http:// nual Symposium on Network and Distributed System www.webpagefx.com/blog/Internet/history-of-app- Security, NDSS ’12. stores-infographic

Hollister, S. (2014). Starbucks admits iOS app stored passwords in plain text, The Verge, Retrieved on January 15, 2014 from, http://www.theverge. ADDITIONAL READING com/2014/1/15/5313648/starbucks-admits-ios-app- stored-passwords-in-plain-text Adriana. (2012). Uses Of Mobile Applications For Smart Phones. Retrieved on October 24, 2010 from Hornyack, P., Han, S., Jung, J., Schechter, S., & We- http://ezinearticles.com/?Uses-Of-Mobile-Applica- therall, D. (2011). These Aren’t the Droids You’re tions-ForSmart Phones&id=5161301 Looking For: Retrofitting Android to Protect Data from Imperious Applications. In Proceedings of the 18th Chickowski. (2009). Ten best practices for mobile ACM Conference on Computer and Communications security. Baseline Magazine. Retrieved on February Security, CCS ’11. 26, 2009 from http://www.baselinemag.com/c/a/ Mobile-and-Wireless/10-Best-Practices-for-Mobile- Islam, M., Islam, R., & Mazumder, T. (2010). Mobile Device-Security/. Application and Its Global Impact. International Journal of Engineering & Technology, 10(6), 72–78. Dey. (1998). Context-aware computing: the CyberDesk Retrieved from http://www.ijens.org/107506-0909%20 project. In Proceedings of the AAAI, Spring Sympo- IJET-IJENS.pdf sium on Intelligent Environments (pp.51-54). Menlo Park, CA. Khanna, A. (2009). The future of mobile application storefronts. Wireless Expertise Report. Retrieved Dwivedi, H., Clark, C., & Thiel, D. (2009). Mobile from http://www.mobilemondayshanghai.net/files/ Application Security. McGraw Hill Professional. The%20future%20of%20Mobile%20Application%20 Storefronts%20-%20Wireless%20Expertise%20Re- Egele, K. Kirda, & Vigna. (2011). PiOS: Detecting Proceedings of port2009.pdf Privacy Leaks in iOS Applications. In the 18th Annual Symposium on Network and Distributed Kim, H., Smith, J., & Shin, K. (2008). Detecting Energy- System Security, NDSS ’11. Greedy Anomalies and Mobile Malware Variants. In Proceeding of the 6th International Conference on Mo- bile Systems, Applications, and Services, MobiSys ’08.

266 Category: Mobile and WirelessMobile AppComputing Stores

Enck, G., & Chun, C. Jung, McDaniel, & Sheth. (2010). Lingfen, Woods, Curran, & Doherty. (2010). Mobile TaintDroid: An Information-Flow Tracking System Development Environments for Electronic Finance. In- M for Realtime Privacy Monitoring on Smartphones. In ternational Journal of Electronic Finance, 4(3), 20–28. Proceedings of the 9th USENIX Symposium on Oper- ating Systems Design and Implementation, USENIX Mobile web. (2012). In Wikipedia. Retrieved from http://en.wikipedia.org/wiki/Mobile_Web. OSDI ’10. Ngai, & Gunasekaran. (2007). A review for mobile Felt, P., & Finifter, C. Hanna, & Wagner. (2011). A commerce research and applications. Decision Support Survey of Mobile Malware In The Wild. In Proceed- ings of the 1st Workshop on Security and Privacy in Systems, 43(1), 3-15. Smartphones and Mobile Devices, CCS-SPSM’11. Ni, & Zheng. (2006). Smart phone and next generation mobile computing. San Francisco: Morgan Kaufmann Felt, Wang, Moshchuk, Hanna, & Chin. (2011). Publishers. Permission Re-Delegation: Attacks and Defenses. In Proceedings of the 20th USENIX Security Symposium, Nielsen. (2013). The State Of Mobile Apps, Industry USENIX Security ’11. Report

Global Mobile Application Market. (2010-2015). O’Neill. (2009). Facebook Has Over 4 Million Daily Markets and Markets. Retrieved on August 2010, from Mobile Users. Retrieved on February 2, 2009 from http://www.researchandmarkets.com/research/9692cd/ http://www.allfacebook.com/facebook-daily-mobile- global_mobile_ap users-2009-02.

Gohring, N. (2010). Google Apps now can remote- Ongtang, McLaughlin, Enck, & McDaniel. (2009). wipe files from iPhones and Windows Mobile devices. Semantically Rich Application-Centric Security in Infoworld. Retrieved on February 4, 2010 from http:// Android. In Proceedings of the 2009 Annual Computer www.infoworld.com/d/mobilize/google-apps-now- Security Applications Conference, ACSAC ’09. can-remote-wipe-files-iphones-and-windows-mobile- devices-175?source=rss_infoworld_news Pires, C. (2009). Mobile Applications; Past, Present, and Future. Retrieved from http://mobilemondaypor- Hegarty, Lunney, Curran, & Mulvenna. (2010). Am- tugal.com/?p=180. bient Interface Design (AID) for the Ergonomically Challenged. International Journal of Ambient Com- Ryan, Pascoe, & Morse. (1997). Enhanced reality puting and Intelligence, 2(2), 57–65. doi:10.4018/ fieldwork: the context-aware archaeological assistant. Proceedings of the 25th Anniv. Computer Applica- jaci.2010040104 In tions in Archaeology. Hull, Neaves, & Bedford-Roberts. (1997). Towards situated computing. In Proceedings of the First Interna- Slivka. (n.d.) Flurry: 22% of Recent Mobile Appli- tional Symposium on Wearable Computers (ISWC ‘97). cations Starts Targeting iPad. Retrieved on April 2, 2010 from http://www.macrumors.com/2010/04/02/ ITU. (2008). International Telecommunications Union, flurry-22-of-recent-mobileapplications-starts-target- Market Information and Statistics. Retrieved from ing-ipad/. http://www.itu.int/ITU-D/ict/statistics/ Srinivasan. (2010). Fastest Growing Mobile App Khanna. (2009). The future of mobile application Categories. Retrieved on June 17, 2010 from http:// storefronts. Market Report. Wireless Expertise Ltd. gorumors.com/crunchies/fastest-growing-mobile- appcategories/. Levitan. (2010). IBM Survey: IT Professionals Pre- dict Mobile and Cloud Technologies Will Dominate Xie, Z. Seifert, & Zhu. (2010). pBMDS: A Behavior- Enterprise Computing By 2015. Retrieved on October based Malware Detection System for Cellphone De- 17, 2010 from http://www.fiercemobilecontent.com/ vices. In Proceedings of the 3rd ACM conference on press-releases/ibm-survey-itprofessionals-predict- Wireless Network Security, WiSec ’10. mobile-and-cloud-technologies-will-dominateenter.

267 Category:Mobile App Mobile Stores and Wireless Computing

Yang, H. Wang, & Hu. (2010). Flexible service ar- Mobile App: short for mobile application or just chitecture for maritime business promotion based on app, is application software designed to run on smart- M mobile Technology, New York: Springer. phones, tablet computers and other mobile devices. Protocol: An agreed-upon set of rules that facili- Zhou, Z. Jiang, & Freeh. (2011). Taming Information- tates the exchange information between two computers Stealing Smartphone Applications (on Android). In or devices. A protocol includes formatting rules that Proceeding of the 4th International Conference on specify how data is packaged into messages. It also Trust and Trustworthy Computing, TRUST ’11. may include conventions like message acknowledge- Zhou, Z. Jiang, & Ning. (2012). DroidMOSS: Detecting ment or data compression to support reliable and/or Repackaged Smartphone Applications in Third-Party high-performance network communication. Android Marketplaces. In Proceedings of the 2nd Social Network: A social network is a social struc- ACM Conference on Data and Application Security ture made up of individuals (or organizations) called and Privacy, CODASPY’12. “nodes,” which are tied (connected) by one or more specific types of interdependency, such as friendship, kinship, common interest, financial exchange, dis- like, sexual relationships, or relationships of beliefs, KEY TERMS AND DEFINITIONS knowledge or prestige. Web Service: A Web Service is a software com- Foursquare: Foursquare describes itself as a mobile ponent that is described via WSDL and is capable of application that makes cities easier to use and more being accessed via standard network protocols such interesting to explore. It is a friend-finder, a social city as but not limited to SOAP over HTTP. It has an guide and a game that challenges users to experience interface described in a machine-processable format new things, and rewards them for doing so. (specifically WSDL). Gowalla: Gowalla is a LBSN which only allows us- ers to share location information with a pre-determined subset of people. HTML5: A language for structuring and present- ing content for the World Wide Web, and is a core technology of the Internet originally proposed by Opera Software. Location-Based Service (LBS): A Location-Based Service (LBS) is an information or entertainment service, accessible with mobile devices through the mobile network and utilizing the ability to make use of the geographical position of the mobile device. Markup Language: A markup language is a modern system for annotating a text in a way that is syntactically distinguishable from that text.

268