According to recently released research, “all of the top 100 paid Android apps and 56 percent of the top 100 paid Apple iOS apps have been hacked.” This report was compiled by the security firm Arxan Technologies which also discovered that some of the biggest app hacking schemes target high-risk financial apps.
The fact that such an overwhelming percentage of widely used applications are not just potentially hackable but have already been cracked demonstrates a real danger and a necessity to shore up mobile security. It seems the “explosion of smartphone and tablet use in the workplace and home” has attracted hackers to new platforms while outpacing the development of appropriate security.
What’s at Risk?
According to the Business Insider, one in every five people in the world owns a smartphone while one in seventeen has a tablet. This adds up to around 1.4 billion smartphones in use on planet earth at the end of 2013. Obviously, hackers are going to try to take advantage of this growing number of devices.
Mobile hacking creates the potential for “massive revenue loss, unauthorized access to data, intellectual property theft, fraud, altered user experience and brand erosion.” It also leaves unprotected apps open to malware installation as well as piracy of popular software.
Defending through Design
Arxan CTO Kevin Morgan believes that “recommendations for improving mobile application security need to be integrated early in the application development lifecycle and made a key component of any mobile-first strategy.” This means starting security with the mobile app design by implementing security measures into the actual building blocks of each application.
Effective Security Strategies
Computer Weekly lists this outline for increasing the security of your mobile apps. Some of the top ideas include:
- Continuing to initiate mobile app protection strategies
- Prioritizing protection in mobile apps that handle transactions, payments, sensitive data or have valuable intellectual property
- Recognizing that web app security is not adequate for mobile app protection requirements
- Keeping the integrity of the app by stopping tampering, reverse-engineering and other attacks
- Reducing technical risk by building protections directly into the app’s binary to defeat both static and runtime attacks
As mobile devices take advantage of open Wi-Fi networks or handle private transactions, security proves an imperative for safe mobile device use. Mobile app testers can keep security in mind when preparing new applications to meet the real world.
Jessica Socheski is a social media nut who is currently writing about mobile app development. You can follow her on Google+.