Abstract
Automatic login is a commonly used feature of smartphones, because their small keyboards make it difficult to key in user credential information. However, this feature may pose a serious risk to smartphone users? privacy. The stored data for automatic login could be stolen by an attacker, resulting in identity theft. In this article, we demonstrate an execution of this attack in a systematic manner through two real-world Android application case studies by implementing a prototype. We also discuss five possible defense strategies to mitigate the risk of user credential data being stolen from the application files.
Full Text 
Sign-in/Register to access full text options
Sign-in/Register to access full text options 
Published version (
Free)
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
