Over the summer the spate of companies being hacked, whether it was Starbucks, Carphone Warehouse, or Ashley Madison prompted us to run an experiment on lean start up principles to see demand for mobile app security testing from the UK’s startup and tech communities for understanding whether their developers had made their mobile apps secure, what data was at risk, and what needed to be done to fix vulnerabilities.
After setting up a landing page we received a number of requests from entrepreneurs and business owners to do mobile app security testing on their apps. What we found caused us to realise that throughout the development cycle the care paid towards securing data was minimal or, in some cases, non-existent.
This reflects something we noticed when taking over development for other companies, considerable sums of money are being thrown at UX design and QA rounds with no care given to mobile security. The scale of the problem was clear when, at random, we were able to access APIs and see the full names, home addresses, dates of birth, and debit card numbers of its users.
The term “mobile first” is one that is, at times, overused. In spite of this it is still the case that we organise our lives around these devices, from paying for the Tube in the morning, settling bills, doing work, or ordering food. In addition to this the app gold rush has led to a lot of talented people investing their time, money, and ideas in mobile products. Without mobile security all of this is put at risk.
Our response is Codified Security. We want to help fix a widespread problem. We intend to help to become part of the development cycle, working with companies’ developers before the app is released and doing the same each time there’s a new release.
Codified Security is here to help make your mobile app secure whether it’s for iOS, Android, or to make sure you’re clearing the OWASP Mobile Top 10. For mobile app security testing in under a minute try out Codified Security.