In this era of Smartphone’s, developing apps for multiple mobile platforms has increased abruptly so does the outsourcing. But, there are software security concerns that one must be aware of and this calls for a list of queries you must be well-prepared in prior approaching a mobile application development company. Here are the top 3 questions to ask your outsourced mobile developers to bring a positive result.
Do you keep record of temporary data? Not many are aware of an iOS feature that takes an app screenshot when the user presses the home button and stores it in a temporary file. But what if the user backgrounds on a sensitive screen like bank details? Secondly, if you use the iOS camera within your app, the camera stores photos in a temporary location before use. Check with your mobile developers if they will dispose these images if it is sensitive.
Do you maintain record of sensitive data? In many cases, it’s difficult to test for storage of sensitive data on the device. This includes account login, financial data or messages sent between customers. If you outsource mobile app development, ask them for the list of data being stored within the app after initialization. This will help you identify high risk files.
Do you check my app’s data? The final question to ask your outsourced development team is one of the common areas that developers don’t forget to “fix” before going live. During development it is very typical for teams to log sensitive data to device logs. So does it is for hackers to read device logs.
Before it goes live, remember to ask your outsourced teams to ensure that sensitive data that may have been logged for testing purposes is disabled and that only logs which are user generated (e.g., option to send crash logs) are allowed.