This content is part of the Essential Guide: Enterprise architects' guide to success with mobile apps for business
News Stay informed about the latest enterprise technology news and product updates.

Where does security come into play with mobile app trends?

As more people gravitate toward mobile devices to access personal data, security needs have risen to be among the major mobile app trends.

In 2014, mobile app security will be hard to peg down, because the rush to get new mobile apps will foment rapid development and release. Expect to see security problems as developers yield to the temptation to focus on features and neglect security, said Andrew Kellett, principal analyst, Ovum Research. Another research firm, Gartner Inc., predicts two-thirds of mobile applications will fail basic security tests between now and 2015.

Keeping mobile apps and the data therein secure will require constant up-front work in development, as well as constant vigilance of software technology and mobile device trends. In particular, watch trends in user authentication, biometrics, voice, fingerprint access and usage patterns, said Kellett. In this article, he and mobile security experts Domingo Guerra and John Overbaugh examine mobile app trends and usage that spell trouble.

smartphone apps with security shield

Developers who rely on third parties to manage login credentials should pay special attention to the massive security breach and mobile app trends, some industry insiders say. Hackers who obtain login credentials for websites like Facebook and Twitter can potentially gain access to users' applications, according to Guerra, president and co-founder of Appthority, a company specializing in application risk management.

"Because of the growth in social media SSO [single sign-on] in the app ecosystem, an estimated 60% or more of the top apps leverage social media SSO and let their users log into the app with other accounts such as Facebook and Twitter," Guerra said. "Most of the use of social networking SSO is actually to facilitate social interaction, but by having the user log into an app with a Facebook account, the developer also gains instant access to some of the user's Facebook information."

Mitigating mobile security risks

Secure coding techniques have emerged over the years, Kellett noted, that have been effective and need to be applied to the mobile environment. "Quite a lot of folks are still at the stage where they are developing apps from the home office or the garage environment," he said. "There isn't anyone looking over their shoulder to make sure their techniques are up to standard and appropriate."

Next Steps

Mobile apps at forefront of technology

Using MBaaS for enterprise apps

Mobile app modernization needs rise

Dig Deeper on Secure application development

Join the conversation


Send me notifications when other members comment.

Please create a username to comment.

My biggest concern is using your phone for everything. I've seen T.V. commercials where you can lock your house, turn on the alarm, lights and other things. If someone hacked your phone they may be able to turn off the alarm, open your doors and rob you. I'd be very leery on putting to many sensitive app on my phone that have that much exposure.
Good point, ToddN2000. Not to mention what would happen if your phone gets lost - you'd be helpless!
What we understand from our experience is that security is crucial at every stage and for every use of a mobile app. This is because at every point in time you are interacting with the app and feeding some of the other data, the data can be very personal or confidential or critical that you don't want to share it with anybody.

This is where security comes into play. The game begins right at the time a user downloads an app, even before they installed it and your app should be that secured that it does not leak any bit of data. Security of an app has thus been crucial and thus it has been and will be the mobile app development trend for years to come. With IoT, AR and other app trends, security will even be more critical.
Continuous integration and deployment only adds to the problem too. People pride themselves on deploying every day, twice a day, 10 times a day even -- but who's making sure everything's secure?