In June 2016, the Internet World Stats highlighted internet penetration of just 28% in Africa, as compared to 89% in North America. This is because of limited availability of landlines in the entire African continent. However, this lack of connectivity is balanced by the exponential growth of mobile device penetration. A survey done by Pew Research Center in 2015 showed that in some African countries, mobile phones were as commonly used as they are in the United States, however, local companies see mobile app security testing as a low priority.
The understanding of security risks associated with mobile devices in Africa is low with a lot of companies sending and receiving confidential documents over mobile risking their corporate and customer data. These companies also need to use mobile app security testing on a regular basis, since mobile is the most relied on device for their customers there are more frequent app updates which requires more mobile app security testing to check that the app is secure.
A lot of mobile banking customers receive their bank statements, invoices and salary slips online via mobile. Companies sending over this sensitive information need to take steps to protect customer data. These companies need to encrypt and protect these sensitive documents and users need to ensure their devices are secure.
Documents and other sensitive data need to be encrypted and password protected and use app security measures, such as no automatic login or storing od user details. The users need to set up pins or passcodes, autolock, and be careful about downloading apps from dubious sources.
There is also a responsibility on the part of the companies developing these apps to ensure that their apps are secure with regular mobile app security testing. Companies need to follow best practice, such as encrypting sensitive data, two factor authentication, and set up remote wiping in case the device is lost.
Codified Security is here to help make your mobile app secure whether it’s for iOS, Android, or to make sure you’re clearing the OWASP Mobile Top 10. For mobile app security testing try out Codified Security.