The last thing on our minds when we are creating a new mobile app is security. But the truth is, the attacks on mobile apps are growing by the day. Learn how to make your mobile app secure and avoid a Snapchat hack with tricks, tools, and tips from the pros. The complete guide to keep your mobile app secure the easy way.
Transcript:
There has been a 163% increase of mobile malware in 2012. 78% of the top 100 Android and iOS apps have been hacked. Less than 5% of popular apps contain professional-grade protections to defend against hacking attacks.
Cracked mobile apps are at risk of:
• revenue loss (falling currency or dollars)
• unauthorized access to critical data
• intellectual property theft
• fraud
• altered user experience
• brand damage
Riskier apps, the ones that need more security
If you have an app that...
• asks for location
• collects personal information from users (pics, names, address)
• relies on remote servers for storing and manipulating users’ data
Apps that don’t require as much security
• alarm clocks
• local notes
• apps that never talk to the web
DO:
• Maintain updated libraries
• Try to use a secure mobile app content management system (CMS) like Joppar Content to send content to users securely
• Use an encrypted web address to pull app content from your mobile app CMS
• Secure the server, data, AND app if you’re handling user data
DON’T:
• Treat content passed in as trusted
• Collect or keep data you don’t need
• Save user data to NSUserDefaults or SharedPreferences. This saves as plain text!
• Just add an SDK into your mobile app. Make sure you trust the source and check the security
• Forget to use https for ‘GET’ and ‘POST’ requests for images, documents, user login credentials, and other commonly transferred data
attacks such as disabled or circumvented security, unlocked or modified features, and free pirated copies.
More tips from the mobile app security pros:
Prateek, Security Researcher for Infosec Institute says…
“One thing mobile devs can do now – Make sure important information is not leaked or stored on the device. For e.g., while storing data locally in iOS applications, one should not use NSUserDefaults, Plist files or even Core Data to store important information like access tokens, passwords etc. A better option would be to store it in the keychain, even though it is also not safe in case of a jailbroken device.”
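The plain-text storage warned about in the DON'T list and in the quote above can be checked for during testing. The following is an added example, not part of the original slides: a Python audit of an Android SharedPreferences XML file that flags secret-looking keys, token-like values, and http:// URLs. The sample file, the key-name patterns, and the function name are assumptions constructed for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Key names that suggest a credential or session secret (heuristic, assumed list).
SENSITIVE_KEY = re.compile(r"pass(word|wd)?|token|secret|session|api[_-]?key", re.I)
# Values shaped like a JSON Web Token: three dot-separated base64url segments.
JWT_VALUE = re.compile(r"^[\w-]{8,}\.[\w-]{8,}\.[\w-]{8,}$")

# Constructed sample of an Android SharedPreferences file (not real app data).
SAMPLE_PREFS = """<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<map>
    <string name="username">alice</string>
    <string name="access_token">eyJhbGciOiJub25l.eyJzdWIiOiJhbGljZSJ9.c2FtcGxlc2ln</string>
    <string name="user_password">hunter2-constructed</string>
    <string name="content_url">http://cms.example.com/feed.json</string>
    <string name="blob">eyJhbGciOiJub25l.eyJzdWIiOiJhbGljZSJ9.c2FtcGxlc2ln</string>
    <boolean name="onboarded" value="true" />
    <int name="launch_count" value="7" />
</map>"""


def audit_shared_prefs(xml_text):
    """Return sorted (key, reason) findings for one SharedPreferences XML document."""
    findings = set()
    for entry in ET.fromstring(xml_text):
        key = entry.get("name", "")
        # <string> keeps its value as element text; other types use a value attribute.
        value = (entry.text or "") if entry.tag == "string" else entry.get("value", "")
        value = value.strip()
        if entry.tag == "string" and SENSITIVE_KEY.search(key):
            findings.add((key, "sensitive key stored in plain text"))
        if JWT_VALUE.match(value):
            # Catches tokens hidden behind an innocuous key name.
            findings.add((key, "token-like value stored in plain text"))
        if value.lower().startswith("http://"):
            findings.add((key, "unencrypted http:// URL"))
    return sorted(findings)


if __name__ == "__main__":
    for key, reason in audit_shared_prefs(SAMPLE_PREFS):
        print(f"{key}: {reason}")
```

Run it against preference files pulled from a test device or emulator build; any finding for a credential is a candidate for moving into the platform's secure storage.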
Things to remember about mobile app security:
• The bigger the user base, the greater the need for strong security
There you have it: a quick bit on mobile app security, the easy way. But there is always more to learn about mobile.
To learn more about mobile app development go to joppar.com. Also, make sure to check out our mobile app optimization tools Joppar Content (our mobile app content management system) and Joppar Switch (our feature switching tool for mobile apps).
28. “Make sure to encrypt important files if stored locally. Also, defend against operating system vulnerabilities, e.g. for iOS apps, defend against runtime analysis.”
- Prateek Gianchandani, Security Researcher
29. “Don’t keep info that you aren’t willing to spend money and time on to protect. Avoid rolling out your own authentication, unless security is your forte of course.”
- Frank Rietta, Web Security Developer
30. Sounds like a lot of work... anything I can do quickly to secure my app?
39. CHECK OUT THIS ANIMATED SECURITY GUIDE FOR… MORE TOOLS, TIPS, & TRICKS
40. Mobile App Optimization Tools
Mobile App CMS: Send content to your app users in :27 seconds
Mobile App Feature Switching: A circuit breaker for your mobile app