{"id":"https://openalex.org/W4415262449","doi":"https://doi.org/10.48550/arxiv.2510.12031","title":"Security and Privacy Assessment of U.S. and Non-U.S. Android E-Commerce Applications","display_name":"Security and Privacy Assessment of U.S. and Non-U.S. Android E-Commerce Applications","publication_year":2025,"publication_date":"2025-10-14","ids":{"openalex":"https://openalex.org/W4415262449","doi":"https://doi.org/10.48550/arxiv.2510.12031"},"language":"en","primary_location":{"id":"pmh:oai:arXiv.org:2510.12031","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2510.12031","pdf_url":"https://arxiv.org/pdf/2510.12031","source":{"id":"https://openalex.org/S4393918464","display_name":"ArXiv.org","issn_l":"2331-8422","issn":["2331-8422"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"type":"preprint","indexed_in":["arxiv","datacite"],"open_access":{"is_oa":true,"oa_status":"green","oa_url":"https://arxiv.org/pdf/2510.12031","any_repository_has_fulltext":true},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5010253832","display_name":"Urvashi Kishnani","orcid":"https://orcid.org/0000-0001-6389-5508"},"institutions":[],"countries":[],"is_corresponding":true,"raw_author_name":"Kishnani, Urvashi","raw_affiliation_strings":[],"affiliations":[]},{"author_position":"last","author":{"id":"https://openalex.org/A5059400253","display_name":"Sanchari Das","orcid":"https://orcid.org/0000-0003-1299-7867"},"institutions":[],"countries":[],"is_corresponding":false,"raw_author_name":"Das, Sanchari","raw_affiliation_strings":[],"affiliations":[]}],"institutions":[],"countries_distinct_count":0,"institutions_distinct_count":2,"corresponding_author_ids":["https://openalex.org/A5010253832"],"corresponding_institution_ids":[],"apc_list":null,"apc_paid":null,"fwci":null,"has_fulltext":true,"cited_by_count":0,"citation_normalized_percentile":null,"cited_by_percentile_year":null,"biblio":{"volume":null,"issue":null,"first_page":null,"last_page":null},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9969000220298767,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12799","display_name":"Mobile and Web Applications","score":0.968999981880188,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T13999","display_name":"Digital Rights Management and Security","score":0.9624999761581421,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/android","display_name":"Android (operating system)","score":0.6495000123977661},{"id":"https://openalex.org/keywords/certificate","display_name":"Certificate","score":0.6463000178337097},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.42500001192092896},{"id":"https://openalex.org/keywords/security-analysis","display_name":"Security analysis","score":0.4108000099658966},{"id":"https://openalex.org/keywords/information-privacy","display_name":"Information privacy","score":0.40049999952316284},{"id":"https://openalex.org/keywords/public-key-certificate","display_name":"Public key certificate","score":0.3919000029563904},{"id":"https://openalex.org/keywords/authorization-certificate","display_name":"Authorization certificate","score":0.3610999882221222},{"id":"https://openalex.org/keywords/mobile-apps","display_name":"Mobile apps","score":0.33880001306533813}],"concepts":[{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.7013000249862671},{"id":"https://openalex.org/C557433098","wikidata":"https://www.wikidata.org/wiki/Q94","display_name":"Android (operating system)","level":2,"score":0.6495000123977661},{"id":"https://openalex.org/C96865113","wikidata":"https://www.wikidata.org/wiki/Q2946816","display_name":"Certificate","level":2,"score":0.6463000178337097},{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.5972999930381775},{"id":"https://openalex.org/C108827166","wikidata":"https://www.wikidata.org/wiki/Q175975","display_name":"Internet privacy","level":1,"score":0.5697000026702881},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.42500001192092896},{"id":"https://openalex.org/C38369872","wikidata":"https://www.wikidata.org/wiki/Q7445009","display_name":"Security analysis","level":2,"score":0.4108000099658966},{"id":"https://openalex.org/C123201435","wikidata":"https://www.wikidata.org/wiki/Q456632","display_name":"Information privacy","level":2,"score":0.40049999952316284},{"id":"https://openalex.org/C167529545","wikidata":"https://www.wikidata.org/wiki/Q274758","display_name":"Public key certificate","level":4,"score":0.3919000029563904},{"id":"https://openalex.org/C175093008","wikidata":"https://www.wikidata.org/wiki/Q758251","display_name":"Authorization certificate","level":5,"score":0.3610999882221222},{"id":"https://openalex.org/C2988145974","wikidata":"https://www.wikidata.org/wiki/Q620615","display_name":"Mobile apps","level":2,"score":0.33880001306533813},{"id":"https://openalex.org/C77109596","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Application security","level":5,"score":0.32670000195503235},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.31859999895095825},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.3102000057697296},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.302700012922287},{"id":"https://openalex.org/C10511746","wikidata":"https://www.wikidata.org/wiki/Q899388","display_name":"Data security","level":3,"score":0.29190000891685486},{"id":"https://openalex.org/C169093310","wikidata":"https://www.wikidata.org/wiki/Q3702971","display_name":"Personally identifiable information","level":2,"score":0.28369998931884766},{"id":"https://openalex.org/C3017597292","wikidata":"https://www.wikidata.org/wiki/Q25052250","display_name":"Privacy protection","level":2,"score":0.28360000252723694},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.262800008058548},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.25859999656677246},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.25839999318122864}],"mesh":[],"locations_count":2,"locations":[{"id":"pmh:oai:arXiv.org:2510.12031","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2510.12031","pdf_url":"https://arxiv.org/pdf/2510.12031","source":{"id":"https://openalex.org/S4393918464","display_name":"ArXiv.org","issn_l":"2331-8422","issn":["2331-8422"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},{"id":"doi:10.48550/arxiv.2510.12031","is_oa":true,"landing_page_url":"https://doi.org/10.48550/arxiv.2510.12031","pdf_url":null,"source":{"id":"https://openalex.org/S4306400194","display_name":"arXiv (Cornell University)","issn_l":null,"issn":null,"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":"https://openalex.org/I205783295","host_organization_name":"Cornell University","host_organization_lineage":["https://openalex.org/I205783295"],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":null,"is_accepted":false,"is_published":null,"raw_source_name":null,"raw_type":"article"}],"best_oa_location":{"id":"pmh:oai:arXiv.org:2510.12031","is_oa":true,"landing_page_url":"http://arxiv.org/abs/2510.12031","pdf_url":"https://arxiv.org/pdf/2510.12031","source":{"id":"https://openalex.org/S4393918464","display_name":"ArXiv.org","issn_l":"2331-8422","issn":["2331-8422"],"is_oa":true,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":null,"raw_type":"text"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"pdf":true,"grobid_xml":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4415262449.pdf","grobid_xml":"https://content.openalex.org/works/W4415262449.grobid-xml"},"referenced_works_count":0,"referenced_works":[],"related_works":[],"abstract_inverted_index":{"E-commerce":[0],"mobile":[1],"applications":[2],"are":[3],"central":[4],"to":[5],"global":[6],"financial":[7],"transactions,":[8],"making":[9],"their":[10],"security":[11,54,91],"and":[12,27,33,40,50,72,89],"privacy":[13],"crucial.":[14],"In":[15],"this":[16],"study,":[17],"we":[18],"analyze":[19],"92":[20],"top-grossing":[21],"Android":[22],"e-commerce":[23],"apps":[24,67],"(58":[25],"U.S.-based":[26],"34":[28],"international)":[29],"using":[30,46],"MobSF,":[31],"AndroBugs,":[32],"RiskInDroid.":[34],"Our":[35],"analysis":[36],"shows":[37],"widespread":[38],"SSL":[39],"certificate":[41,73],"weaknesses,":[42],"with":[43],"approximately":[44],"92%":[45],"unsecured":[47],"HTTP":[48],"connections":[49],"an":[51],"average":[52],"MobSF":[53],"score":[55],"of":[56,86],"40.92/100.":[57],"Over-privileged":[58],"permissions":[59],"were":[60],"identified":[61],"in":[62],"77":[63],"apps.":[64],"While":[65],"U.S.":[66],"exhibited":[68],"fewer":[69],"manifest,":[70],"code,":[71],"vulnerabilities,":[74],"both":[75],"groups":[76],"showed":[77],"similar":[78],"network-related":[79],"issues.":[80],"We":[81],"advocate":[82],"for":[83],"the":[84],"adoption":[85],"stronger,":[87],"standardized,":[88],"user-focused":[90],"practices":[92],"across":[93],"regions.":[94]},"counts_by_year":[],"updated_date":"2026-03-10T16:38:18.471706","created_date":"2025-10-17T00:00:00"}