The mobile application industry is growing at an explosive pace, yet security issues of mobile applications are lagging behind. Incidents of mobile application hacking have increased exponentially as attackers and attacks have evolved, using both new and well-known methods of attack to infiltrate apps and collect the as much data as possible. The impact on businesses and end-users is exponentially growing.
With more than 1.5 million apps available in the two main app stores, Apple and Android, and hundreds of billions of downloads to date, the mobile landscape has quickly become the main playground for hackers and attackers.
Mobile applications are used for practically anything today. We use personal apps that store your PII (Personal identifiable information), medical applications used within hospitals to store patient information and dole out meds and financial applications where users pay bills, transfer money and check balances. The need for secure applications has never been clearer.
When it comes to security, there are numerous vendors who attempt to provide a way to detect any risks on the device or within the application itself. Due to the mobile operating system’s sandbox environment, there is only so much that a security application can do. Signature detection of malware and jailbreak/rooting detection are probably the best these vendors can do to protect your data. However, as long as the security vendor’s play by the rules enforced by iOS and Android – and on iOS they are forced to do so- attackers will continue to have the upper hand and these protections can be easily circumvented.
Thus, it boils down to ensuring secure development as you create your app. Building apps with security in mind while ensuring secure authentication, data storage, encryption, input validation and availability are just a few of the tasks a mobile app developer must face.
The State of Mobile Application Security report created by AppSec-Labs and Checkmarx defines 7 Deadly App Development Sins and delivers a comprehensive report describing the state of Mobile Application development and the risks discovered.
By analyzing both iOS and Android applications the research also sheds some light on the claim that iOS apps are more secure than Android Apps.
Think iOS Is Safer than Android? Think Again!
We analyzed hundreds of popular applications across all verticals and discovered alarming results which have to be addressed by the mobile development industry.