Browse Definitions :

BACKGROUND IMAGE: iSTOCK/GETTY IMAGES

This content is part of the Essential Guide: A guide to modern mobile application development strategies
Definition

mobile app security

Contributor(s): Stan Gibilisco

Mobile app security is the extent of protection that mobile device applications (apps) have from malware and the activities of crackers and other criminals. The term can also refer to various technologies and production practices that minimize the risk of exploits to mobile devices through their apps.

A mobile device has numerous components, all of them vulnerable to security weaknesses. The parts are made, distributed, and used by multiple players, each of whom plays a crucial role the security of a device. Each player should incorporate security measures into mobile devices as they are designed and built, and into mobile apps as they are conceived and written, but these tasks are not always adequately carried out. Common vulnerabilities for mobile devices include architectural flaws, device loss or theft, platform weakness, isolation and permission problems and application weakness.

When evaluating mobile devices and apps for security, developers should ask themselves the following questions.

  • How do users obtain a particular app?
  • Should a firm create its own app store?
  • How is an app vetted before it is offered for sale?
  • How is an app protected against malware?
  • Was a particular app written and shipped in too much of a rush?
  • How can users tell the difference between a legitimate app and a fake?
  • How easily can automatic update features get hijacked?
  • What measures exist to control the risk of device jailbreaking?
  • What kind of permissions should a particular app ask for?
  • Can any of the functions and capabilities unique to mobile devices (such as geolocation) enhance app security?
  • Can any other apps keep track of when, where, and how a certain app is used?
This was last updated in March 2013

Next Steps

Deciphering RAD Studio XE8

Continue Reading About mobile app security

Dig Deeper on Application security

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

File Extensions and File Formats

Powered by:

SearchCompliance

  • risk management

    Risk management is the process of identifying, assessing and controlling threats to an organization's capital and earnings.

  • compliance as a service (CaaS)

    Compliance as a Service (CaaS) is a cloud service service level agreement (SLA) that specified how a managed service provider (...

  • data protection impact assessment (DPIA)

    A data protection impact assessment (DPIA) is a process designed to help organizations determine how data processing systems, ...

SearchSecurity

  • quantum key distribution (QKD)

    Quantum key distribution (QKD) is a secure communication method for exchanging encryption keys only known between shared parties.

  • identity theft

    Identity theft, also known as identity fraud, is a crime in which an imposter obtains key pieces of personally identifiable ...

  • cybercrime

    Cybercrime is any criminal activity that involves a computer, networked device or a network.

SearchHealthIT

SearchDisasterRecovery

  • disaster recovery plan (DRP)

    A disaster recovery plan (DRP) is a documented, structured approach that describes how an organization can quickly resume work ...

  • business continuity plan (BCP)

    A business continuity plan (BCP) is a document that consists of the critical information an organization needs to continue ...

  • disaster recovery team

    A disaster recovery team is a group of individuals focused on planning, implementing, maintaining, auditing and testing an ...

SearchStorage

  • logical unit number (LUN)

    A logical unit number (LUN) is a unique identifier for designating an individual or collection of physical or virtual storage ...

  • NVMe over Fabrics (NVMe-oF)

    NVMe over Fabrics, also known as NVMe-oF and non-volatile memory express over fabrics, is a protocol specification designed to ...

  • CIFS (Common Internet File System)

    CIFS (Common Internet File System) is a protocol that gained popularity around the year 2000, as vendors worked to establish an ...

Close