Industry executives and experts share their predictions for 2020. Read them in this 12th annual VMblog.com series exclusive.
By Roel Caers, CEO of Guardsquare
What Will Keep Mobile App Developers Up at Night
The mobile device industry continues to grow by leaps and bounds. Statistics show that today over 5 billion people have mobile devices and there are over 9.2 billion mobile connections worldwide. Add to these statistics the fact that the number of consumers who shop and bank online continues to grow as well, presenting hackers with increasing numbers of mobile applications and endpoints to target.
As a developer of software that protects mobile apps from reverse engineering and tampering, Guardsquare has a unique view into the mobility space and therefore has some pertinent 2020 predictions for the mobile industry.
Mobile Payments Apps on the Rise
As consumers' comfort with, and reliance on, personal technology increases, we expect to see purchases via mobile payment apps grow rapidly throughout 2020. This is great news for the global economy, but the downside of this trend is that it will increase opportunities for hackers to take advantage of mobile applications and devices that are not properly secured.
Fake Apps Abound
Fake apps or hidden apps have historically been a problem, and we don't see that changing any time soon. In December 2018, almost 65,000 new fake apps were detected among the various app stores, which was more than six times the number reported in June 2018. We expect this to become increasingly common and problematic. Consumers need to be alert when downloading new apps, and developers should be aware that fake apps can negatively affect their own reputation and their company's.
Developers Beware Kotlin's Hidden Vulnerabilities
Kotlin is currently the fourth fastest growing language, and now that Google has declared it their preferred Android programming language, we anticipate it will only continue to spike, likely overtaking JavaScript in the near future. However, many developers using the language still do not fully understand security best practices, including how to protect Kotlin code against OWASP's well-known Mobile Top 10 risks. As with many apps written in Java, apps written using Kotlin must be protected against both static and dynamic attacks using a combination of code hardening and runtime application self-protection (RASP).
iOS is Vulnerable Too
We believe that 2020 will be the year in which awareness increases around the security shortfalls of iOS. Many application developers still believe iOS apps are virtually immune to reverse engineering, but, in reality, all iOS versions have already been jailbroken at some point. We anticipate developers will take better security measures, employing a multi-layered approach to security to ensure the integrity and protection of their iOS applications.
We continue to see that the more sensitive an organization's data, the more likely it is that its mobile app will become a target for hackers. According to OWASP's Mobile Top 10, reverse-engineering and tampering ranked as the eighth and ninth most prevalent mobile security risks. Verizon's Mobile Security Index 2019 highlights that more than 80 percent of organizations said they are at risk from mobile security threats, and 69 percent said those risks increased in the last year. It is our hope that, in 2020, all apps, but especially apps housing sensitive customer data, evolve from going unprotected to incorporating key security measures that protect the users and the organizations.
Widespread Regulatory Changes
Recent international mobile banking and financial services app regulations in Turkey and Singapore are paving the way for tighter app security policies. While these regulations are primarily intended to safeguard consumers and their sensitive financial data, in the process they will also protect app publishers from the unintended consequences of mobile application hacking and misuse. Whether or not a business is beholden to these specific regulations, we expect them to spread globally over the coming year and decade.
##
About the Author
Roel Caers oversees the day-to-day operations at Guardsquare. He makes sure the company's organization, resources and goals are aligned with the long-term strategic objectives. Roel has more than twenty years of experience in the IT industry, ten of which he spent in various management positions.