Basics of Security on Mobile Devices Using iOS Apps

By Rajiv Ramnath

Security is an increasingly important consideration for mobile devices using iOS and for their applications. Mobile devices face severe predatory threats on a daily basis from loss of information, invasions of privacy and lack of protection from malware in general.

  • Mobile devices store valuable personal information. Most people’s mobile devices eventually become repositories for all types of personal information — such as their geographical location, contact names and addresses, financial transactions, and credit card information. Theft of this information can result in significant financial loss.

  • Mobile devices have a greater security footprint than applications on your desktop. Mobile devices have more areas of vulnerability than desktop computers, and even laptop computers. Mobile devices are designed to interact with the outside world via the Internet and other networking capabilities, such as Wi-Fi and Bluetooth, so they’re exposed to all the consequent dangers.

    When a user accesses the Internet from a browser on a mobile device, all browser-based vulnerabilities certainly apply — such as phishing, spyware, and viruses (collectively known as malware). However, malware poses a greater risk to mobile devices than to desktop computers because websites built to support mobile users are notorious for being security risks themselves, which means, of course, that they present a risk to the devices that access them.

    Because apps are now the primary means of using a device, they create a security risk. Keep in mind that mobile apps are authored by various developers and are installed from diverse locations. An app can read and create user data on the device. If your app creates private data and leaves it on the device in an insecure manner, a malicious piece of code can read it.

  • Mobile devices aren’t as capable of protecting themselves as desktop computers are. Although mobile devices are exposed to a wider set of vulnerabilities than desktop computers are, mobile devices are less capable of protecting themselves because the techniques and best practices used to protect desktop computers (such as strong encryption of data) often aren’t feasible on mobile devices because of their limited computing power and memory.