Panic-buying for COVID-19 might be behind us, but normal trips to the grocery stores, farmers’ markets, and restaurants are still a long way away. There’s debate on whether or not ordering delivery during the pandemic is ethical but some, for example, elderly or immune-compromised people, have no choice. Others believe that ordering through a food delivery service supports local businesses and delivery workers. According to app store intelligence firm Apptopia, delivery app downloads skyrocketed in March. For example, Instacart’s daily downloads have more than doubled.
Business data platform Statista projects the Online Food Delivery segment will reach $26,527 in revenue in 2020, and, with an expected annual growth rate (CAGR 2020-2024) of 5.1% have a projected market volume of $32,325 million by 2024.
DoorDash data breach, Home Chef, and more apps put delivery lovers’ internet privacy at risk
Since food delivery apps aren’t going anywhere, it’s time to understand and mitigate cybersecurity risks. Unfortunately, food delivery data breaches and losses of user information to unauthorized third parties are common. For example, in September 2019 the food delivery giant DoorDash was in the news for a user data breach. DoorDash’s data breach affected 4.9 million customers, merchants, and employees who set up an account with DoorDash prior to April 5th, 2019. In the DoorDash breach, customers had their name, delivery addresses, phone number, order history, passwords, and the last 4 digits of their payment cards stolen.
In March the meal kit delivery service Home Chef admitted that they had suffered a security breach that resulted in customer information being exposed.
The web poses threats not only to customers’ privacy but also to the local businesses they’re striving to support. In June 2019 GrubHub was caught registering fake domains to intercept orders and up-charge commission fees from restaurants. Both DoorDash and Grubhub received criticism for listing on their apps businesses that did not want to be there.
Circling back to customer app security, here is some actionable information.
Mobile security tips to protect your data
Ordering groceries online and indulging in takeout and delivery can mean making your personal information, including your payment details, vulnerable to hackers, third-party service providers, or even politically motivated state actors. Here are some quick and easy steps to protect your privacy.
1. Set a strong and unique password for each app you use
Follow the guidelines provided by the app and use uppercase characters as well as numbers and special characters. If one of your passwords is discovered it won’t put all the other information at risk. Consider using a password manager app. Using two-factor authentication is also a good practice.
2. Update your apps frequently
App developers address vulnerabilities regularly, so make sure the app you’re using is the most recent version. You can also set up your phone to automatically download updates.
3. Keep software up to date
Make sure your phone’s operating system is updated regularly.
4. Read through Terms & Conditions
Every user has on numerous occasions been guilty of accepting all terms without reading them first. Try to defeat that habit. You might be giving the app permission to forward your data to third parties, access your microphone or your contact list.
5. Be wary of unsecured Wi-Fi networks
Though it might be tempting to save some data, like your bank account numbers that you can’t memorize, remember that it allows the movement of data without encryption. If you have to use an open network, do not open your bank app or any other app that has your credit card information or copies of important documents. Alternatively, consider using a VPN.
6. Encrypt your data
A simple guide on doing so can be found here.
7. Install an antivirus or a security app
Sometimes, you just need an app to protect you from your apps.