Is it Safe? 5 Security Tips for Mobile App Developers
Here’s a fun parlor trick that doesn’t require any setup.
Envision a thing – anything – in your head. Got it? Hold it there for a minute and concentrate carefully on it. The thing you’re thinking of, is it…something? Ta dah, there’s an app for that!
Transportation, food delivery, games, movies, music, and even a soul mate – you name it, you can find it online. The increasing popularity and ubiquity of apps has created immense potential for developers and businesses, not to mention a huge amount of convenience for consumers. But like any other modern convenience, apps come with their own set of risks. Large-scale hacks were unthinkable 10 years ago, but have recently become so commonplace that it feels like our personal data is constantly at risk.
Apps and services that get popular enough will eventually be targeted by unscrupulous people looking to profit – or worse, simply trying to cause havoc. A study conducted by the firm Research Now found that 63% of US smartphone users regularly use the same 1-5 apps on a daily basis. And nearly 50% of users open the same 6-10 apps every week, without ever touching the other apps on their phone. This means that a disproportionately small percentage of apps make up the lion’s share of our smartphone experience. Every app developer is striving to reach this hallowed ground. If you’re fortunate enough to get there, you need to maintain user trust. People are fickle and Google Play has millions of other choices.
1. Eat your own dog food; know your users
Is your app cut out for your target market? Will people benefit from using it, or miss its potential due to a shaky user experience? Use your app regularly to make sure the experience is consistently great.
2. Respect people’s privacy
People are extremely savvy. These days, it’s common knowledge that apps collect our information, but it’s not always clear to the user exactly what data is being collected and why – even though in the vast majority of cases there’s absolutely no malicious intent. Knowing where your users stand on security, how much information they’re willing to share and how to effectively communicate with them are essential pieces of the puzzle.
3. Assign a security champion
App security should be a top priority at all times during the development process. Assign a security ‘champion’ who will address security concerns during every stage of development and hold the entire team accountable. While most distribution platforms (like Google Play) have their own vetting process to weed out malware, they aren’t foolproof. Developers are responsible for protecting their users. Own that responsibility.
4. Prioritize protection
Have a contingency plan in place, just in case new malware, hackers or vulnerabilities rear their ugly heads. For example, if user credentials are stolen due to hacking, how will you communicate this with your users, and how will your development team address it from the back-end?
5. Don’t get cocky
Don’t let the adrenaline of launch day get your head in the clouds. Once the excitement wears off, developers have a harder task ahead: keeping users engaged and safe. Evaluate your app’s software, code and third party partners regularly. Learn to respond to user feedback, and spot vulnerabilities and bugs as early as possible so that in the event of a security scare, users don’t jump ship. Not only will this help build trust, but it will also ensure that your next project is an even bigger success.