In Code We Trust
What is Pegasus?
Reading your texts? Check.
Harvesting your photos? Check.
24-hour surveillance? Check.
Pegasus does all this — and more. Developed by Israel’s NSO, Pegasus is the most powerful spyware ever made. Its initial versions used spear-phishing — which tricks users into clicking on links for access — to enter your phone (and life). But the Pegasus of today is more lethal by orders of magnitude.
It exploits zero-day vulnerabilities (flaws the manufacturer knows about but has not yet fixed) to penetrate devices. For instance, Pegasus placed WhatsApp calls to target devices and installed its malicious code. Even Apple — privacy’s standard-setter — fell prey when backdoors in its iMessage service swung open to Pegasus’ deviousness.
The Way Forward
As organizations and individuals worldwide are still reeling from these revelations, the discussion around app security has hit a more stringent note. The conversation is rife with talks of best practices and overhauls of software architecture. As champions of building high-security apps ever since we kicked off base, we are more passionate than ever to restart the dialogue around app security. In this article, our team will run you through the best practices one can follow to improve app security.
But First, The App Security Checklist
Although this is not comprehensive by any means, this quick and broad checklist helps you land on your feet when developing your app:
Ran through the checklist? Great! You’re now building a way more secure app than when you first started. But, that isn’t all you can do. If you’re looking to dive deeper, we recommend starting with app access and permission management. Our quick-check guide down below will tell you why.
Striking a Balance: App Access and Data Storage
User autonomy is key to building a secure app experience. And nowhere does it come more into play than user choice in controlling an app’s access to their data. Here are a few ideas you could implement the next time you ship an app.
Keeping It Internal
One word (or two?): Sandbox.
By designing your app to store all private user data in the device’s internal storage, you sandbox that data: your app needs no permission to read its own files, and other apps on the device cannot reach them. As a bonus, when a user uninstalls your app, the device deletes all of those files along with it.
The Case(s) For External Storage
Large files that hold non-sensitive data can move to the user’s external storage, as can the files your app deliberately shares with other apps on the device. But this can’t be a blanket rule. Some files hold nothing sensitive yet are only useful inside your app; those belong in your app-specific directory on external storage.
Conversely, if your app reads data from external storage, it must be able to check that file for corruption or malicious modification before using it. It should also check that the file’s format is what it expects and that it can handle it. A hash verifier (comparing the file’s digest against a known-good value) helps your app do this.
It’s All About Permissions
It all boils down to one question: what is the smallest set of permissions your app needs to work well? Stick to that set for the whole life-cycle of your app, and shed permissions wherever you can. Here are a couple of more detailed ideas to help you handle them better.
Intents: Teamwork With Other Apps
Avoid adding permissions to your app wherever possible. A handy trick is to use intents to defer the permission instead of requesting it yourself. If your app needs a permission to take a specific action (say, capturing a photo), fire an intent that hands the task to another app that already holds that permission, and consume only the result.
Need A Permission? Get A Signature.
Signature-based permissions between two apps you own and run go a long way in improving your user’s security. A big plus with such signatures is that they do away with user confirmation and just check if the apps using the data have the same signing key. This streamlines your app’s UX by orders of magnitude while upping its security game.
Keep Content Providers At Bay
If there’s one blanket rule in app-building, it’s this: Shutting down access to your app’s data for other developers’ apps is always a good idea. Lift access only if you need to send data from your app to one you don’t own.
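The two manifest rules above (a signature-level permission shared only with apps signed by your own key, and content providers kept unexported by default) are combined in the following added example; it is not code from the original article, and the package names, authorities and permission name are assumptions.

```xml
<!-- AndroidManifest.xml of the app that owns the data (names are assumed). -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.notes">

    <!-- A custom permission at protectionLevel "signature": the system grants it
         only to apps signed with the same key as this one, with no user prompt.
         An app from another developer can request it but will never receive it. -->
    <permission
        android:name="com.example.notes.permission.ACCESS_NOTES"
        android:protectionLevel="signature" />

    <application android:label="Notes">

        <!-- Default stance: the provider that backs our own UI is not reachable
             by any other app. exported="false" is the blanket rule. -->
        <provider
            android:name="com.example.notes.NotesProvider"
            android:authorities="com.example.notes.provider"
            android:exported="false" />

        <!-- Access lifted only where needed: a second provider that our own
             companion app may query. android:permission gates both reads and
             writes behind the signature permission declared above. -->
        <provider
            android:name="com.example.notes.SharedNotesProvider"
            android:authorities="com.example.notes.shared"
            android:exported="true"
            android:permission="com.example.notes.permission.ACCESS_NOTES" />
    </application>
</manifest>

<!-- AndroidManifest.xml of the companion app (built and signed with the same key).
     It declares the permission; the install-time signature check does the rest. -->
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.noteswidget">

    <uses-permission android:name="com.example.notes.permission.ACCESS_NOTES" />

    <application android:label="Notes Widget" />
</manifest>
```

If the companion app is ever re-signed with a different key, the grant silently disappears and its queries to `com.example.notes.shared` fail with a SecurityException, which is exactly the behaviour you want.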
Well, congratulations! You just took the first step toward building a more secure app. As these things go, total app security may always be just an illusion. But, that doesn’t mean you stop trying to build something that is as secure as it can be.
If you want to talk app security or get your business’s app audited by our award-winning team, feel free to reach out to us here.