On a regular basis I hear a ton of “mobile app ideas”, but lately I have met a lot more people that are learning to code in their spare time in hope of developing their initial apps on their own. Most of these folks have a background in the business area or problem set that they are solving, but they don’t have a deep understanding around mobile information security.
Not all applications have the same security needs. If you are developing a calculator, alarm clock or some other utilitarian app that does not store and/or transmit any user information then there are few security concerns. But if your app accesses a users’ social network information, stores device information, authenticates against a server, or takes payment in any shape or form; you need to understand how to protect your app and your users’ data against security breaches.
If you operate under the assumption that your app will be installed on millions of users’ mobile devices, protecting against data breaches and enforcing security should be one of your highest priorities. There is no silver bullet for mobile app security but there are a few things you can implement to keep your users safe. The following are a few of the key areas that I typically recommend you consider when securing your mobile apps: