Outline the major security issues related to mobile application technologies and develop a policy and procedure for one of the major security issues you outlined.
The following are the major security issues for mobile applications.
1. Weak server-side controls:
Information is exchanged between the smartphone and the user externally, through servers. The server therefore becomes a primary target for hackers to exploit.
Precautions: Make sure you have effective server-side security. This can be achieved by hiring a security specialist, by using a simple testing tool, and by taking some general precautions. This issue arises when developers do not give importance to traditional server-side security during development.
Some of the usual reasons are:
* Low security budgets
* Little or no security knowledge in a new language
* Greater dependency on the mobile OS for security updates
* Cross-platform development vulnerabilities and complications
The most efficient and easiest step to secure your mobile apps against server-side vulnerabilities is scanning. Scan the apps with an automated scanner; this brings out issues that can be solved with little effort. It is vital because hackers use the same scanners to find weaknesses they can easily use to hack your application. For advanced security, hire cyber security experts who will guide you through the procedure.
2. Absence of binary protections:
Without binary protection, a hacker can re-engineer the application's code to inject malware, or redistribute a pirated copy of the application that carries a threat. This can result in theft of confidential data, brand and trust damage, revenue losses, fraud and more.
To avoid these problems, binary hardening methods should be used. Binary hardening analyses and modifies the binary files to protect against common exploits. It also allows vulnerabilities in legacy code to be resolved without needing the source code. The apps must follow secure coding techniques for jailbreak detection controls, checksum error controls, certificate pinning controls and debugger detection controls.
3. Data storage insecurity.
4. Lack of sufficient transport layer protection.
5. Unintended data leakage.
6. Poor authentication and authorisation.
7. Broken cryptography.
8. Client-side injection.
9. Untrusted inputs breaching security decisions.
10. Poor management of session handling.