Pricing Request a Demo
Home / Mobile Security
Enjoy the best mobile SDKs news, tips & tricks, sent to you by mail

10 Mobile App Development Trends to Look Out for in 2017

March 23, 2017 1:58 PM

Gladly, our mobile app industry is continuing to grow at a fast pace.

In fact, App Annie’s projection is that by 2020, mobile app store revenue will exceed $100 billion globally. The latest annual Mobility Report from Ericsson reveals that there will be 6.1 billion Smartphone users globally by 2020 and as for 2017, Gartner’s prediction is that by the end of the year “mobile apps will be downloaded more than 268 billion times, generating revenue of more than $77 billion and making apps one of the most popular computing tools for users across the globe.”

I remember, way back in 2008 (or maybe even a bit earlier than that…), I had to do some reading in order to understand the concept behind a device that is ‘all apps’. This was less than 10 years ago. It makes me wonder, what will we experience 10 years from now?

Mobile App Forecast by AppAnnie | SafeDK Blog
App Annie’s report projects a growth of $100B by 2020

Mobile App Store Revenue Worldwide by Gartner | SafeDK
Gartner predict 2017 will be see an even bigger growth in Mobile Apps revenue

Obviously, the mobile app development world is growing and changing rapidly, catering to the growth with some exciting trends. I’ve chosen to share a few of them with you today (yes, there are more. Talk to me if you think I should add others in as well).
Continue Reading

Enough with the Mobile SDK Mess: A New Technology Is Born

February 9, 2016 4:05 PM

SafeDK is presenting at MWC – Set a demo meeting!

In a previous blog post I’ve written (Mobile SDKs: Use with Caution), I mentioned the potential risks related with integrating Mobile SDKs into your mobile app. ‘SDKs’ as in these off-the-shelf 3rd party tools that app developers integrate into their mobile app for advertising, payment, analytics, social and many other functions. We all know that SDKs are a necessity in the mobile development process, but not all app publishers are aware of how these SDKs can affect the app’s performance, stability, battery consumption, security and privacy.

After going through an extensive analysis of a tens of thousands of apps and hundreds of different SDKs, we realized that there are 2 major domains of problems when using 3rd party SDKs. Both are crucial:

  • Security and Privacy – SDKs may contain viruses, malwares, backdoors or, most commonly, piggy-bag your app permissions to access your users’ private data.
  • User Experience – SDKs may contain bugs, consume a great deal of battery power and data, crash your app, slow down your app, and so forth.

During the last few months, we all read about major SDKs-related issues: apps that were banned from the stores because of a specific SDK that violated Apple or Google regulations, an ad-network SDK which  displayed ads that were  incompatible with the app’s ‘spirit’ (e-cigarette commercial in a kids app, someone?), marshmellow incompatibility of SDKs in an app that was supposed to be compatible… and the list goes on and on.

Basically, app developers must all ask themselves the following, ASAP:

Do I really know what’s going on with my app's SDKs? Can I really vouch for my app when I use so many 3rd party codes?

That’s exactly what led us to establish SafeDK. I focused my entire career on mobile development, and like everyone else, I constantly implemented SDKs the messy way… It took me a while, but I finally realized I was out of control, using so many SDKs. But I sure wasn’t going to work on all these SDKs’ functionalities in-house, so I created SafeDK to provide an optimal and elegant solution to this dilemma. This is simply what we say: Implement as many SDKs as you want, in order to create a wonderful app in the shortest time-to-market possible, but use SafeDK to maintain transparency and control over the SDKs code.

Continue Reading

SafeDK: Giving Control Back to App Developers in an SDK-Fueled World

November 24, 2015 2:05 PM

Originally published in Medium on behalf of AWS.

SafeDK offers an In-App Protection solution and SDK Marketplace, putting mobile app security and quality back in the hands of app developers. How do we do that?

We’ve all heard of mobile Software Development Kits (SDKs). App developers integrate these off-the-shelf mobile services into their app for many purposes: advertising and payment, analytics and social, and many more. No doubt these SDKs are a great help in the development process, but they might cause various issues ranging from app slowdown and crashes to excessive battery consumption and malicious behavior.

SafeDK monitors the real-time behavior of mobile SDKs and reports privacy, performance, and stability issues. SafeDK also provides developers with remote control over the SDKs. With a simple click of a button, app developers can turn off an entire SDK or a specific SDK permission in real time, preventing a security breach or crucial bug, with no need to release a new version or wait for users to update.

In this post, I’ll share the story about how SafeDK came to be, discuss lessons learned, and explain how AWS has helped to make it all possible.

Continue Reading

Mobile SDKs: Use with Caution

July 22, 2015 11:19 AM

We’ve all heard of mobile SDKs. These off-the-shelf mobile services, which app developers integrate in your app for many purposes: advertising and payment, analytics and social, and many many more. No doubt these SDKs are a great help in your development process. They often offer unique functionalities, simplify your coding and save you precious time and money. It’s not a surprise that the 1,000 most popular apps contain on average 15 SDKs.

But SDKs are not really your code. It is actually someone else’s code interleaved with your own, yet you are liable for it. You are responsible for it in the eyes of Apple, Google and most importantly – your users. Why is this a problem? Well, in this post, I’ll explain two major domains of risk when using SDKs, and spice it up with a few real-life stories.

1. Security, Privacy and Compliance

The dark side of app permissions

Once hosted in the application, the SDK is part of the application code and can access any user data that the application was granted access to. If the app can access users’ location, contacts or private files, so does each and every SDK in the app.

We often see Android SDKs containing code similar to this:

if (context.checkCallingOrSelfPermission(“android.permission.ACCESS_FINE_LOCATION”)
              == PackageManager.PERMISSION_GRANTED) {
     Location userLocalLocation =
                localLocationManager.getLastKnownLocation("gps");
}

The SDK simply checks if the app was granted a permission to access the user’s location, and if so it takes advantage of it and accesses the GPS as well. We can often see that SDKs send this information to external servers.

Let this be a cautionary tale to all you folks integrating SDKs: what the SDK doesn’t tell you may hurt you. In the case above, the SDK could simply not declare using the Location permission and only exploit it should your app have it. All might be done behind the scenes, and worse – behind your back and on your watch.

Continue Reading