Page 41 - Cyber Defense eMagazine June 2020 Edition
P. 41
Secure communication: It’s not that much of an exaggeration to describe a mobile app as a connected
bundle of APIs. Mobile apps must communicate via the Internet with other services in order to function,
which means communications must be secured. If not, mobile users can fall victim to man-in-the-middle
(MitM) attacks, where a hacker intercepts communications between a mobile user and the server they’re
trying to reach. A successful MitM attack enables hackers to steal information and even change the data
communicated to upload malware onto the end-user’s device.
These attacks are more common than one might think. The Verizon Mobile Security Index 2020 shows
that just under 1 in 10 of protected mobile devices detected an MitM attack attempt in 2019.
To secure communications, developers must ensure that the app connects to the back-end server
through an encrypted tunnel that uses the secure socket layer (SSL) as well as the transport layer security
(TLS) protocols. In addition, developers can also choose to pin a static client certificate to the built app
to prevent credential stuffing attacks on the back-end server. Without these protections, end-users’
communications can be easily intercepted and compromised by any hackers.
Of course, implementing these measures requires not only time, but also the right skills, and iOS and
Android-specific security skill sets are in high demand. Thankfully, automated, AI-powered platforms now
exist that can integrate all of these security measures into a mobile app binary in minutes without any
coding at all.
Even before the pandemic, the importance of mobile apps to commerce and day-to-day business was on
the rise. During the lockdowns, this trend has accelerated, and it’s unlikely to slow down even once the
disease finally recedes. In our new normal, mobile apps have become the primary way for people to do
their banking, shopping, order food, transact business and work. It is paramount that, during the COVID-
19 pandemic, the mobile apps people use are secure so that the people and businesses are protected.
About the Author
Tom Tovar is the CEO and co-creator of Appdome.
Cyber Defense eMagazine –June 2020 Edition 41
Copyright © 2020, Cyber Defense Magazine. All rights reserved worldwide.