Security and Privacy

Integrating Privacy & Security Issues in Mobile App Development Process

The recent controversial lawsuit between Apple and FBI with regard to access of data from mobile devices, the issue of privacy and encryption (even in the case of national security concerns) has been raised in the right manner and at the right platform. Even though the fight has finally ended, it has been observed that the whole industry is concerned and are preparing for bitter privacy and security war.

In this backdrop, it becomes imperative for developers to dig deep into the complexity of the mobile app ecosystem as there are many players who can access a variety of personal information. They can be either developers or service providers or an app platform and last but not the least, the advertisers. Each one of them has a role with regard to privacy and security of an app user. Design and development of an app is considered as a creative process and as such the key to success lies in keeping privacy and security concerns as top priority in the whole process.

Today, privacy and security are considered as key competitive advantage for mobile app developers anywhere in the world. Majority of users are found to be concerned with businesses asking for too much of personal information and not keeping them safe and secure. It has also been observed that these personal information are being sold to other organizations who in turn chase the user with their products and service offerings.

Laws, guidelines and protocols varies from country to country but it is important to delve deep into the concept of personal information which basically means profile or data about an identified individual. Images and IP addresses are considered primary, but there are other types of data that are being collected by mobile apps such as contact list, social networks, location mapping, etc. to mention a few.

To ensure security, it is important to limit the access to user’s personal information and that too on a ‘need-to-know’ basis. Further use of encryption in transit and storage of personal information should be considered as a prerogative. While in case of collection payment transactions and related information, compliance with payment card industry data security standards (PCI DSS) should be adhered to in a zero tolerance framework. Developers need to keep in mind that app users always have the visibility and transparency with regard to the data being collected and its intended use.

Privacy and security issues are being increasingly drawn towards consumer attention and will further grow as a key focus with the progress of time. This is primarily because many large corporations have launched their apps and are gathering data using third party advertising libraries which are actually capturing the data while the original developer is completely unaware of this fact.

Design, aesthetics, appropriate platform, compatible software, etc. are all key to a successful user friendly app; but with the growth in user base and usage of smartphones coupled with more and more businesses going mobile, it become critically important for developers to factor in privacy and security concerns while developing the apps.