Resources / Opinion / Time for app developers to take control?

Time for app developers to take control?

With both the number of social media platforms and consumer (and business) usage of social media continuing to experience considerable growth, so the focus on security in this area will continue to develop.  With celebrity photos, the 500 million Yahoo account details and athletes’ healthcare details all being recent high-profile examples, there is a growing awareness in many quarters regarding the security of personal data and communications.

With some users, the conversation is still at a fundamental level (not using “password” as the password or “1234” as the PIN, for example), for others, the focus is on the security of the apps and platforms that they are using and, ultimately, using the level of security offered as a selection criteria for whether or not to use an app or how to choose between two ostensibly similar alternatives.

This poses a problem for the app developers and owners, as securing applications on mobile devices can be a challenge, especially as they need to offer support for multiple operating systems in a consistent way. In addition, mobile devices are, obviously, outside the service providers’ firewalls and so they cannot be certain of the state of the device that the apps are being installed onto. For example, a device may contain rogue apps or other malware attempting to gather personal information, and so developers have to assume that the device is insecure. So, trying to persuade consumers that an app is secure, when there are so many uncontrolled variables affecting that security, is problematic.

Trying to persuade hackers to desist and persuading consumers to adopt best practice for device security are two options, but are, clearly, almost utopian.  Line, who deliver one of the world’s largest instant messenger services, took a more pragmatic approach and decided that they needed to take matters into their own hands.  They needed a solution that would deliver a consistent interface for their developers, and a transparent user experience for their consumers.  By using  Trustonic Hybrid Protection, Line’s applications and services makes use of the Trustonic TEE, if installed,  and utilise best of breed software security techniques, if there is no Trustonic TEE.

There will undoubtedly be more leaks and hacks elsewhere, but at least the app developers are starting to take steps to provide consumers with the re-assurance that they need.