Table 5.

Scoring methods used to assess apps.

Reference	Score	Weighted score
Papageorgiou et al, 2018 [6]	No	No, though there are “major issues” and “minor issues”
Minen et al, 2018 [14]	No	N/Aa
Huckvale et al, 2019 [15]	No	N/A
Scott et al, 2015 [19]	Yes. Risk score: 0-3; safety score: 0-6	No
Brüggemann et al, 2016 [20]	Yes. Connection security (S), information-sharing targets (T), unspecific information transfer (U), information collection (R), and log-in (L) are binary. Personal information type (P) is more elaborated: 13 types are considered and a correction factor is applied.	Yes, it can be configured by the user
Mense et al, 2016 [21]	No	N/A
Hutton et al, 2018 [22]	The paper does not give a score but, rather, explains how different heuristics are implemented. However, it is easy to assign a score to every app with the available information.	N/A, although it can be calculated (see Scoring Method section above)
Zapata et al, 2014 [23]	Yes: 0-6	No
Sunyaev et al, 2015 [24]	No	N/A
Leigh et al, 2017 [25]	Yes: 0-8	No
Baumel et al, 2017 [26]	Yes: 0-8, with 0 points being maximum privacy	No
Bachiri et al, 2018 [27]	Yes: 0-35	No
de las Aguas Robustillo Cortés et al, 2014 [28]	Yes, but it is a general app score, not only for privacy	Yes, weighted by experts
Quevedo-Rodríguez and Wagner, 2019 [29]	Yes, but as part of the global app quality	No
Knorr et al, 2015 [30]	No	N/A
Zapata et al, 2014 [31]	Yes	No
Bondaronek et al, 2018 [32]	No, at least for the privacy items	N/A
O’Laughlin et al, 2019 [33]	Yes: acceptable, unacceptable, or questionable	No
Adhikari et al, 2014 [34]	Yes. Risk score: 0-3; safety score: 0-5	No
Aliasgari et al, 2018 [35]	Yes. Although there is no global score, there are certain scores pertaining to Transport Layer Security (TLS) and Health Insurance Portability and Accountability Act (HIPAA) compliance.	No
Mense et al, 2016 [36]	No	N/A
Powell el al, 2018 [37]	Average score, median, and range for every item	No
Huckvale et al, 2015 [38]	No	N/A
Robillard et al, 2019 [39]	No	N/A

^aN/A: not applicable.