As the world remains under quarantine due to the COVID-19 outbreak, many consumers are turning to virtual spaces to conduct everyday activities. According to a recent report from App Annie, there was a 20% year-over-year increase in mobile app usage in the first quarter of 2020. It wouldn’t be surprising if this number rises as citizens continue to shelter in place.
Mobile applications need keys and certificates, which serve as machine identities, to perform properly. However, if one of these certificates expires, then a service outage can occur.
Service outages can be especially problematic during COVID-19, when there’s more remote activity and new challenges. In late April, users of an Australian Android banking app noticed they could not connect. When the Register reached out to representatives, the bank responded with the following:
“There was a recent issue which was caused by an expired security certificate within the bank’s mobile banking app. It only affected Android users causing the ‘connection error’ message when customers tried to log in to their app. This security certificate problem has since been fixed, with a new app update released which has resolved the issue for the majority of impacted customers.”
Unfortunately, some users could not resolve the issue and needed to call the bank’s contact center for a fix. But, the bank, like the rest of the world, is adjusting to the new work environment of COVID-19. They told customers that their call center “experienced a higher volume of calls … as a function of the current market conditions, which is not unexpected given the circumstances.”
Unfortunately, expired certificates impact organizations across all regions, industries and sizes. According to a recent Venafi study of CIOs from the U.S., U.K., France, Germany and Australia, 60% experienced certificate-related outages that impacted critical business applications or services in 2018 alone. Preventing outages is now more critical for organizations as they turn to virtual and remote spaces to protect their users and employees from COVID-19.
In order to prevent outages, organizations should look for an automated solution that helps them discover all their certificates and then monitors those encryption assets for vulnerabilities and signs of misuse. Venafi has been helping the world’s largest organizations prevent certificate outages for over a decade. See our full list of steps you should follow to eliminate certificate outages.
Are you concerned your apps will be impacted by an outage?
- Venafi Study: Are Financial Service Organizations More Likely to Suffer Certificate-Related Outages?
- Majority of Businesses Still Experience Outages: Are You Protecting Your Certificates?
- GAO Report: Expired Certificate Allowed Extended Exfiltration
- How Big Is Your Risk of Certificate-based Outages?