
How to Secure Your Mobile App the Easy Way



The last thing on our minds when we are creating a new mobile app is security. But the truth is, the attacks on mobile apps are growing by the day. Learn how to make your mobile app secure and avoid a Snapchat hack with tricks, tools, and tips from the pros. The complete guide to keep your mobile app secure the easy way.

There has been a 163% increase of mobile malware in 2012. 78% of the top 100 Android and iOS apps have been hacked. Less than 5% of popular apps contain professional-grade protections to defend against hacking attacks.

Cracked mobile apps are at risk of:
• revenue loss (falling currency or dollars)
• unauthorized access to critical data
• intellectual property theft
• fraud
• altered user experience
• brand damage

Riskier apps, the ones that need more security

If you have an app that…
• asks for location
• collects personal information from users (pics, names, address)
• relies on remote servers for storing and manipulating users’ data

Apps that don’t require as much security
• alarm clocks
• local notes
• apps that never talk to the web

DO…
• Maintain updated libraries
• Try to use a secure mobile app content management system (CMS) like Joppar Content to send content to users securely
• Use an encrypted web address (https://) to pull app content from your mobile app CMS
• Secure the server, data, AND app if you’re handling user data

DON’T…
• Treat content passed in as trusted
• Collect or keep data you don’t need
• Save user data to NSUserDefaults or SharedPreferences. This saves as plain text!
• Forget to use https for ‘GET’ and ‘POST’ requests that carry images, documents, user login credentials, and other commonly transferred data

Just add an SDK into your mobile app. Make sure you trust the source and check the security.

attacks such as disabled or circumvented security, unlocked or modified features, and free pirated copies.

More tips from the mobile app security pros:
Prateek, Security Researcher for Infosec Institute says…
“One thing mobile devs can do now – Make sure important information is not leaked or stored on the device. For example, while storing data locally in iOS applications, one should not use NSUserDefaults, Plist files or even Core Data to store important information like access tokens, passwords, etc. A better option would be to store it in the keychain, even though it is also not safe in case of a jailbroken device.”
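
As an added illustration of the keychain advice above (not code from the slides or from the people quoted), the following Swift sketch stores an access token as a Keychain item and migrates a copy that an older build left in NSUserDefaults. The service and account names are assumptions chosen for the example.

```swift
import Foundation
import Security

// Assumed identifiers for this example; they do not come from the slides.
let service = "com.example.app.auth"   // hypothetical service name
let account = "accessToken"            // hypothetical account / defaults key

enum KeychainError: Error { case status(OSStatus) }

/// Stores the token as a generic-password item, replacing any earlier value.
func saveToken(_ token: String) throws {
    let base: [String: Any] = [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrService as String: service,
        kSecAttrAccount as String: account,
    ]
    SecItemDelete(base as CFDictionary)   // result ignored: item may not exist yet
    var item = base
    item[kSecValueData as String] = Data(token.utf8)
    // Readable only while the device is unlocked, and never moved to another device.
    item[kSecAttrAccessible as String] = kSecAttrAccessibleWhenUnlockedThisDeviceOnly
    let status = SecItemAdd(item as CFDictionary, nil)
    guard status == errSecSuccess else { throw KeychainError.status(status) }
}

/// Returns the stored token, or nil when no item exists.
func loadToken() throws -> String? {
    let query: [String: Any] = [
        kSecClass as String: kSecClassGenericPassword,
        kSecAttrService as String: service,
        kSecAttrAccount as String: account,
        kSecReturnData as String: true,
        kSecMatchLimit as String: kSecMatchLimitOne,
    ]
    var result: CFTypeRef?
    let status = SecItemCopyMatching(query as CFDictionary, &result)
    if status == errSecItemNotFound { return nil }
    guard status == errSecSuccess, let data = result as? Data else {
        throw KeychainError.status(status)
    }
    return String(data: data, encoding: .utf8)
}

/// One-time migration: move a plain-text token out of NSUserDefaults.
func migrateLegacyToken(defaults: UserDefaults = .standard) throws {
    guard let legacy = defaults.string(forKey: account) else { return }
    try saveToken(legacy)                    // write to the Keychain first
    defaults.removeObject(forKey: account)   // then delete the plain-text copy
}
```

Calling `migrateLegacyToken()` once at launch removes the plain-text copy only after the Keychain write has succeeded.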
Things to remember about mobile app security: 
• The bigger the user base, the greater the need for strong security
There you have it: a quick bit on mobile app security, the easy way. But there is always more to learn about mobile.

To learn more about mobile app development go to Also, make sure to check out our mobile app optimization tools Joppar Content (our mobile app content management system) and Joppar Switch (our feature switching tool for mobile apps).

Published in: Technology
How to Secure Your Mobile App the Easy Way

  2. First, the Facts…
  3. 163% increase of mobile malware in 2012
  4. 78% of the top 100 Android & iOS apps have been hacked
  5. 5% of popular apps use tools to defend against hack attacks
  6. 40% of popular free iOS apps
  7. AND
  8. 80% of popular free Android apps
  9. were found to be hacked
  10. So why should I care…
  11. Cracked mobile apps risk…
  12. Revenue Loss • Unauthorized Access • Intellectual Property Theft
  13. Fraud • Altered User Experience • Brand Damage
  14. Does My App Need to Be Secure? YES…but some apps are at greater risk than others
  15. High Risk Apps: • Ask Location • Collect user info • Remote servers
  16. Low Risk Apps: • Alarm Clocks • To Do Lists • Offline Apps
  17. If the big guys can’t keep their mobile app secure, how can I?
  18. DO…
  19. Use https:// to get content
  20. Maintain updated libraries
  21. Use a secure mobile app (CMS)
  22. Filter inputs at device level
  23. Store in a secure location: iOS = Built-in Keychain class; Android = Encrypt data
  24. DON’T…
  25. Treat content passed in as trusted • Save to “NSUserDefaults” or “SharedPreferences” • Forget https: ‘GET’ & ‘POST’
  26. Connect to an unsecure backend • Use one, static encryption key • Skip code reviews with teams
  27. What The Pros Have to Say About This
  28. “Make sure to encrypt important files if stored locally. Also, defend against operating system vulnerabilities, e.g. for iOS apps, defend against runtime analysis.” – Prateek Gianchandani, Security Researcher
  29. “Don’t keep info that you aren’t willing to spend money and time on to protect. Avoid rolling out your own authentication, unless security is your forte of course.” – Frank Rietta, Web Security Developer
  30. sounds like a lot of work... anything i can do quickly to secure my app?
  31. Secure mobile app optimization tools
  32. Two-Factor Authentication
  33. Discover Code Flaws
  34. Things to remember about mobile app security
  35. The bigger the user base, the greater the need for strong security
  36. Mobile users lose their devices, get them stolen, and let people borrow them. So protect their data!
  37. If the NSA has taught us anything…Nothing is hack proof or 100% secure
  40. Mobile App Optimization Tools: Mobile App CMS (Send content to your app users in :27 seconds) • Mobile App Feature Switching (A circuit breaker for your mobile app)
  41. SOURCES: