Security should always be a crucial consideration when writing a Windows Phone application. With the tips found within this Slideshare, learn to implement secure Windows Phone apps.

1. 12 Ways to Develop
Secure Windows Phone Applications

2. Windows Phone
(WP) 8 and 8.1 are
arguably two of the
most secure mobile
operating systems on
the market at present.

3. In contrast to other mobile operating
systems, such as iOS and Android,
WP8 and 8.1 devices have not been
publicly vulnerable to a long string of
jailbreaking and security vulnerabilities.
Nonetheless, security is still a
crucial consideration when writing
a Windows Phone application.

4. This checklist sets out
the key steps for implementing
secure Windows Phone apps:

5. Encrypt all
sensitive data,
whether stored
in databases or
other file formats

6. Follow industry-
standard
cryptography
practices and,
preferably, use
AES-256

7. Apply sensible cryptography
key management principles;
for example, use PBKDF2
and enforce a reasonably strict
password complexity policy

8. Use a secure random
data source when needed
(i.e. RNGCryptoServiceProvider)

9. Attempt to wipe
keys and passwords
from memory, via a
best-effort approach,
when they are no
longer required

10. Avoid SQL
injection in apps
that use SQLite-
derived databases

11. Implement
secure network
communications
via SSL/TLS

12. Take care to avoid
cross-site scripting
and script
injection bugs

13. Ensure that XML parsing
doesn’t resolve DTDs, unless
this functionality is specifically
required by your app
xmlDoc.validateOnParse=”false”;

14. Try to clear web
cache and cookies
when they’re no
longer needed

15. Apply native code secure coding
guidelines to avoid traditional bugs,
such as buffer overflows

16. Build your native
modules with
exploit mitigation
features enabled

17. The Mobile
Application
Hacker’s
Handbook
by Dominic Chell, Tyrone Erasmus,
Shaun Colley, and Ollie Whitehouse
Learn to analyze and write secure
Windows Phone applications with