<![CDATA[Online transportation is a service provided over the internet, representing a technological innovation that has significantly facilitated travel for Indonesians. These applications have gained widespread adoption in Indonesia, serving as alternatives to conventional transport modes like taxis and traditional motorcycle taxis. They offer convenience and speed in booking rides, along with secure transactions through digital payment systems. Despite the user-friendly experience and advantages offered by these applications, their security cannot be overlooked. The increasing accessibility of Android-based online transportation applications has made them a prime target for malicious actors ("Crackers") who may exploit vulnerabilities for nefarious purposes. This research aims to identify security vulnerabilities and compare the security found in Android-based online transportation applications. The researcher utilized the Mobile Security Framework (MobSF) to conduct static security analysis focusing on parameters such as dangerous permissions, weak cryptography, root detection, SSL bypass, and domain malware checks. The security assessments of Gojek, Maxim, and Grab revealed moderate security risks. Gojek scored 44/100, Maxim 47/100, and Grab 50/100 in terms of security ratings. All three applications were found to have vulnerabilities related to dangerous permissions and weak cryptography. Specifically, Maxim was also susceptible to SSL bypass attacks. None of the applications had implemented root detection, but their domain malware checks were deemed satisfactory.]]>
Copyrights © 2025
