The Vivid Seats app has been found to have “critical vulnerabilities”, according to a report by the American Consumer Institute Center for Citizen Research (ACI)
The security flaws are reportedly due to the use of an open source code, though it was not the only mobile app that was found to have such risks.
The report examined the ten most popular applications in the main categories available on the Google Play Store and found that 105 of the 330 apps had a varying degree of identified vulnerabilities.
“The vulnerabilities range from low to critical, and can be exploited to compromise consumer and enterprise devices, to perform data theft, identity theft, fraud or corporate espionage,” according to a post on the survey by Helpnetsecurity.com.
Forty three per cent of the 105 with flaws were categorised as “high” or “critical” in type. High and critical vulnerabilities “are more easily exploited and could cause significantly more damage than low and medium vulnerabilities,” the report states.
However, Vidid Seats isn’t the only ticketing app to have security risks. Gametime, SeatGeek, StubHub and Ticketmaster were also on the blacklist of vulnerable platforms.
Vivid Seats “had the highest risk in its category, including 19 critical vulnerabilities,” the report reads. “After retesting the newest software, the Clarity scans showed that the Vivid Seats software was still suffering from the same vulnerabilities.”
The report encouraged companies to invest further efforts and resources into fixing security issues to avoid customer data being compromised.
“It is imperative that apps providers address (known security flaws) to prevent consumer devices from being compromised and to protect the public against malicious online activity, loss of personal and company information, and identity theft,” the report says in its closing. “Apps providers need to develop best-practices now that will reduce these risks, or it will likely face a backlash from the public and policymakers.”