asdr-intro-bg1.png

Mobile App Security Insights

How Mobile Application Security is making the World a Better Place

Oct 11, 2017 11:59:12 AM / by Sung Cho

How-Mobile-Application-Security-is-making-the-World-a-Better-Place-Blog-IMG.png

You know that your clients care about mobile application security, and perhaps a commitment to security has even become a way to set yourself apart from the competition. Yet it’s easy for mobile application security to become little more than another industry buzzword. Securing the apps you develop is good for business -- both yours and others. It’s also good for the world. Here’s why.

A Review: Mobile Application Security Statistics

suitcase-of-money-blog-img.jpgA brief review of the data can help recommit you to mobile application security. Consider the following:

As mobile apps become more prominent in the world of business, companies face even greater exposure. Yet many enterprises are unprepared for even the most rudimentary attacks. Consider this:

  • Two-thirds of businesses lack a cybersecurity policy.
  • The overwhelming majority (93%) of cybersecurity professionals are concerned about a growing cybersecurity skills gap.
  • Ninety-seven percent of mobile apps lack binary protection, with 96% of apps on Google Play able to be reverse-engineered. Seventy-five percent of mobile apps can’t pass even a basic security test.

A Leg Up on the Competition

What all of this means for mobile app developers is that their skills are increasingly in demand. Mobile app security offers independent app developers greater career security and a leg up on the competition. Fifty percent of cybersecurity officers say they plan to invest more to educate their staff about cybersecurity in the coming year.

Despite this fact, many mobile app developers are unprepared to offer the type of security guarantees that today’s enterprises need and demand developers who know security like the back of their hand. If you’re committed to application security, your customers will be committed to you. Application security is rapidly becoming the primary method through which businesses separate the wheat from the chaff. So by mastering this vital skill, you can outperform your competition while creating a better world for businesses and consumers.

A Safer Internet (and World) for Kids

Children are the most vulnerable among us, yet data consistently suggests that they’re exposed to more sexual exploitation, more crime, and more bullying than adults.

  • The overwhelming majority of teens use a smartphone regularly, which makes them a prime target for cyber criminals.
  • Nearly half of all children have been bullied online.
  • 1 in 4 children have received pornography they did not want online, and 1 in 5 have received unwanted sexual advances. Four percent of kids have been the subject of aggressive sexual advances that include attempts to contact the child offline.
  • More than 500,000 cyber predators are online each day.

Mobile application predators target children for many reasons, but one recurring theme is this: children are naive. They do not understand that the online world is a real world populated by real people, and that a tablet, computer, or smartphone screen will not necessarily protect them from the person they speak with. They don't understand that what they post online can last forever, and that with just a bit of information, they are easy to find.

Cyber security protects children from being targeted through mobile devices. Schools, churches, art programs, and parents increasingly use these devices to inform and educate children, to give children an outlet, and to help kids stay connected to one another. Criminals know this, and use it to their advantage. By creating a more secure mobile app environment, developers make a safer world for kids.

Twenty percent of children who are abused online contemplate suicide. Ten percent attempt it. Mobile application security can save children’s lives.

Better Functioning Devices

If you’ve ever picked up your parent or grandparent's smartphone and found it completely unusable, bogged down by bloatware or chock full of viruses, you already know how lax security and a refusal to install updates can destroy mobile devices.

Even among users who consider themselves tech-savvy, mobile application security can improve the functionality of devices. Most mobile devices are full of programs that are unnecessary, and many have been hacked and turned into little more than homes for malware. The result? Frustrated users, stymied communication, and a mobile application environment that makes people’s lives worse, not better.

A Hostile Climate for Criminals

“Hacking” has become a catch-all term that everyone knows. But when a term becomes trendy, it can also lose its meaning.

Let’s take a moment to think about what criminals do with the devices they hack:

  • They can access financial data to steal user accounts and identities, transfer wealth, or even harass users by removing their access to their own accounts.
  • They can invade users’ privacy, gaining access to intimate information about their lives. This information can be used to steal identities, blackmail people, and even ruin lives.
  • They can sell the information to third parties who may use it for dangerous and nefarious purposes.
  • They can use behavioral engineering techniques to induce users to give away more information. For instance, by gaining access to a user’s mother’s maiden name, a criminal may be able to impersonate a customer service representative.
  • Stalkers can gain access to information about their victims. This information can be used to further victimize and terrorize. It may even help stalkers commit in-person crimes against their victims.

App security greatly constrains the ability of criminals to harm innocent app users. That’s a good thing, because the harms of cybercrime are more than just numbers and statistics. Real people lose real money, real security, and occasionally even real lives. A world with less crime is a better world for everyone. It’s also a world where it’s safe for anyone, even those who lack technical skill and time to understand app security, to use their devices. That’s a more equal world.

Greater Privacy

Code-entry-security-blog-img.png

Nearly a fifth of users rely on their phones for all or mostly all of their web browsing. This means that mobile devices can contain a user’s entire life, ready for the taking. That may be why many analysts say that privacy is dead. It doesn’t have to be.

Mobile app security protects users from criminals who want to take their information and use it for nefarious purposes. Criminals are just the tip of the proverbial privacy invasion iceberg, however. Novice hackers who have no criminal intent sometimes hack apps just for fun. Researchers, governments, data scientists, and just about anyone else you can imagine know that data is highly valuable. When it’s readily available, they’ll take it and use it in ways users might not even consider.

Mobile app security supports more privacy, and prevents an increasingly high-tech culture from also becoming a surveillance culture. This allows users to choose with whom to share their information -- just like people always have. The best apps educate users about how their information is used, ask only for the data they absolutely need, and zealously guard that data. Does that sound like the apps you work on? If not, it’s time to work toward a better world by creating secure apps that protect user privacy.

More User Control

Businesses want as much user data as they can get. This gives them a competitive edge, helps them further customize their apps, and ultimately can provide a more user friendly experience. The problem with this attempt to continually access more user data is that it also undermines privacy, and puts users’ information in jeopardy. The more information is housed on an app, the more vulnerable that app is to criminals -- and the more criminals can do with the data when they get it.

Many users mistakenly believe they’ll know if their phone is hacked. Some businesses even buy this myth. But phones are routinely hacked without user knowledge. Indeed, this strategy is in the best interest of hackers. Because the longer a hacker goes undetected while a user still relies on the device, the more information that hacker can get. Information is power.

So with all sides jockeying to gain access to user information, mobile app developers must tread carefully, prioritizing security above all else. That means giving users more control over how their data is used, and which data they share. Think carefully before setting permissions to automatically share lots of data. Consider also telling consumers how their data will be used.

This creates a world in which users have more control over their data, as well as better education about what they can expect to happen to that data after they share it. This creates a safer app space, a better user experience, and happier users. Happier users are more likely to keep using the same app, so that means a better outcome for businesses, too.

Comfortable Customizability

User experience is increasingly king (or queen) in the world of app development. Businesses are constantly looking for ways to ensure a great experience, and to offer customized apps to each and every consumer. App security actually makes this process easier. By allowing developers to customize how user data is used, and how they use the app, businesses and developers offer a unique, personalized experience to each user.

That means greater customer satisfaction, and the payoff of a personalized experience without all the work of coding different apps for different users. Allow consumers to change key settings to optimize privacy, change security, and control their own data, and watch the app fly off of the virtual shelf.

Protecting Businesses (and Their Customers)

business-security-blog-img.png

In a competitive app environment, physical products may someday go the way of the dodo, at least for some businesses. A business’s intellectual property -- its patents, apps, licenses, and other intangible goods -- can form a significant portion of its net worth. Consider Facebook, Twitter, and Instagram. None make a single tangible good, but all are worth more than most business owners could ever dream.

This means that businesses can gain a huge competitive advantage by gaining access to one another’s intellectual property. Forget breaking into a warehouse. A few clicks of a mouse and a few lines of code might be all it takes to destroy a competitor -- or at least gain access to their secrets. Some businesses even maintain thousands of corporate secrets on unsecured servers, turning these servers into sitting ducks for corporate piracy and espionage.

Secure apps protect businesses from competitors who would do them harm. They also protect consumers. Because not all businesses are the same. A competitor might not be nearly as concerned about user data. They might even sell the data they access once they’ve done what they please. Secure businesses are fairly rewarded for their hard work, and secure apps continue to protect consumers. That means a better world for everyone.

Creating a Healthy Business Environment

Which sort of world do you want to live in -- one where businesses get ahead by stealing one another’s secrets and violating user privacy? Or one where the business with the best apps wins the competitive edge? Fundamental fairness is good for everyone. It incentivizes businesses to innovate, and spurs the development of new technology.

In an insecure app environment, however, it’s often a race to the bottom. The business that can develop an app the fastest may get more downloads. And the one that steals code from a competitor benefits from hard work without having to do any hard work of its own. By making more secure apps, app developers protect their clients from intellectual property thieves. They also help create a more secure business climate, in which the cream rises to the top, and thieves can no longer piggyback off of the hard work of real businesses.

Reducing Litigation

Given how common app piracy and other security breaches are, you might think they’re just a cost of doing business. Nothing could be further from the truth. Businesses may be liable -- both in the form of civil lawsuits, and occasionally even criminal prosecutions -- for putting user data at risk. When Target faced a massive hacking, it was sued in dozens of states, and had to pay tens of millions in settlements.

That’s a figure most businesses couldn’t shoulder. No wonder so many businesses spend so much money on expensive insurance policies and security due diligence. These expenditures can cut into profits. They also stymie innovation by forcing businesses to divert resources to liability reduction.

So by securing business apps, you protect businesses from going under in the face of massive lawsuits. That’s good for the economy. It’s also good for consumers. No consumer wants to sue. But when a consumer loses something in a data breach, they may have no other way of recovering the money or time they lose. So fewer lawsuits means a win for everyone -- not to mention more time for courts to handle other issues.

Businesses deserve secure apps. Consumers demand them. Yet many developers lack the time or knowledge to provide apps that can truly fight the security threats today’s devices face. That’s where we come in. We support developers to create secure apps without massive additional expenses. That’s good for the world. It’s good for businesses. It’s good for you. Stand out from the competition with truly secure apps. Let AppSolid be your silent partner.

iOS-Backloading-and-Rogue-App-Stores-Big

Topics: Mobile Application Security

Sung Cho

Written by Sung Cho

Head of Marketing at SEWORKS Co., Ltd.