This article is the second in a series illuminating the developer’s perspective on mobile app security by guest contributor and developer Evan Rose — managing partner at Rose Digital. The first post covered planning mobile API security, and in this installment Evan explains what developers need to keep in mind as they code their mobile apps.
There is no denying that mobile applications have become ubiquitous. For many companies, building an app is a foregone conclusion. We have applications for social, for fitness, for productivity, for business and even for things as sensitive as our finances. We are all increasingly turning over more of our personal information and data to applications
Researchers unveiled a startling discovery this week: 41 percent of the most popular Android apps that implement OAuth 2.0 allow an attacker to remotely impersonate any user account, access personal information from within the app, and make in-app purchases on the user’s dime. In this post I explain OAuth 2.0 and how it affects mobile app security and risk.
PRIVACY DISCLOSURE: NowSecure uses first party and third party cookies to provide functions of this website and our services, to uniquely identify visitors, to analyze use of our website, and to target our marketing. You can choose to block cookies using your browser settings. By continuing to use our website or services you indicate your agreement. To learn more about the cookies we use and how we may collect and use your personal data, visit our Privacy Policy
The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings or you click "Accept" below then you are consenting to this.