Pricing Request a Demo
Home / User Privacy
Enjoy the best mobile SDKs news, tips & tricks, sent to you by mail

What Does the Upcoming GDPR Mean for Mobile Apps?

November 16, 2017 3:22 PM

Next May, Europe’s data protection rules will undergo a major overhaul. The existing Data Protection Act (DPA), will be replaced by the European Union’s (EU) General Data Protection Regulation (GDPR), a framework that will change how businesses and public sector organizations can handle customers’ personal data – with much tougher punishments for those who fail to abide by the new rules.

The GDPR is meant to unify data protection for all individuals within the EU, as well as address the export of personal data outside of Europe. It aims to return the control over personal data to European nationals and residents and to simplify the regulatory environment in which international business is conducted.

Once implemented, the new regulation will be binding of all companies processing and holding personal data of people residing in the European Union, regardless of the company’s location. This includes mobile apps. Businesses will have to prove they have made the necessary changes to protect user data, or face hefty fines for noncompliance – 20M Euros of 4% of their annual profit. What’s more, mobile apps found to be noncompliant run the risk of being banned from app stores; a risk no business should be willing to take.

Continue Reading

[Report] How Extensively Do 3rd Party Mobile SDKs Access Private User Information?

October 25, 2017 5:23 PM

Transparency of mobile SDK activity has been on our mission statement since day one. Our flagship product was based on the sole interest of providing app publishers with just such transparency over the 3rd party tools they’ve integrated into their app.

We’ve also been on the forefront of SDK usage data. We’ve been releasing quarterly reports for over a year now, detailing the state of the Android market by following usage trends, pointing out which up and coming SDKs are conquering the mobile world by storm and seeing how competing or complementary tools control their respective market shares.

Now, with growing user awareness and concerns about private data leaking to 3rd parties, as well as big conglomerates being sued for 3rd party violations, we’ve combined both transparency objects. Our latest report has an added section detailing what kinds of private user information mobile SDKs are trying to access. It is especially important for mobile apps with European users who must be prepared for the upcoming GDPR which will start to be enforced in May 2018, holding apps solely responsible for reading private user information without explicit consent, regardless if the action is made by the app itself or a third party tool it has integrated.

Looking at over 190,000 top mobile apps against a database of over 1,000 libraries, this is our most extensive and thorough report to date.

Main Highlights

Please note that we are sharing here a partial selection of the findings that are presented in the full report. To access the full report (download is free) click here.

Continue Reading

How Top Mobile Apps Fight the SDK Fatigue and the Effect on their Business Results

October 10, 2017 3:25 PM

Mobile SDKs have become a commodity. In our latest mobile SDKs market trend report (click to download it free) we’ve revealed that the average app has 18 SDKs. These SDKs support the product, marketing and monetization of the app’s KPIs. Currently, in 2017, it’s practically impossible to make it in the mobile app industry without leaning on multiple SDKs.

But, there’s an issue with this dependency: dealing with and managing multiple SDKs is wearying. Thus, a relatively new term was born – “SDK fatigue.”

In recent weeks, light has been drawn to the question of what SDKs are permissible to know about users. Lawsuits against major players and big conglomerates allege that user privacy is at risk. Supposedly, user information leakage to SDKs is at an all-time high. I can’t think of any dignified app that isn’t afraid of getting involved in such a PR (and business) crisis.

Continue Reading

How Top Mobile App Publishers Boost Ad Revenues While Maximizing UX

May 8, 2017 3:35 PM

Let’s get real for a second. App monetization is what it’s all about. Most of us get into the mobile app game not just to make the world a better place, but also to bring home the bacon. We put in hours upon hours trying to figure out where our users get lost, we pour hundred and thousands of dollars on trying to get the right users to notice us, and we consider most UX changes longer than we would a prospective spouse. That’s how important our app monetization is to us.

After all the hard work and long hours, we deserve a little something-something for our time and effort. So how frustratingly nerve-wrecking, not to say annoying, it is to learn that the very thing that should have turned a profit ends up hurting the bottom line? Especially when it’s not even the part of the app you wrote?

According to our January 2017 data analysis, most free Android apps use Advertisement SDKs in their app:

SafeDK | Most Popular Mobile SDK Categories Jan 2017

Ads are definitely the #1 source for app monetization in today’s market. It’s why we see their share consistent quarter after quarter.

And since SDKs are what we’re all about at SafeDK – ad-networks not excluded – we started monitoring what ad-networks are showing users. Allow me to share with you some real-life cautionary tales and answer the age-old question about user experience and app monetization: can I have my ads and eat it too?

Continue Reading

What’s New with the New ‘Google Play Developer Policy’?

April 27, 2016 2:25 PM

Google have recently done an Extreme Makeover Edition of their Play Store developer policy, completely redesigning the policy website. If you hadn’t taken a look, you should. Starting March 1st, policies and regulations have been made much clearer, and the Google Play experience has been almost completely revamped to become much more developer friendly.

While it may be the facelift that draws you in (the new site is definitely an upgrade to the long list of bullet points it was in the past), it’s the context that should catch your eye. When you look deep down beneath the surface, you’ll see the change to policies themselves is relatively minor. It’s the overall attitude that changed.

If I have to summarize the new policy website in just one word, it would definitely be – transparency.

Continue Reading

Enough with the Mobile SDK Mess: A New Technology Is Born

February 9, 2016 4:05 PM

SafeDK is presenting at MWC – Set a demo meeting!

In a previous blog post I’ve written (Mobile SDKs: Use with Caution), I mentioned the potential risks related with integrating Mobile SDKs into your mobile app. ‘SDKs’ as in these off-the-shelf 3rd party tools that app developers integrate into their mobile app for advertising, payment, analytics, social and many other functions. We all know that SDKs are a necessity in the mobile development process, but not all app publishers are aware of how these SDKs can affect the app’s performance, stability, battery consumption, security and privacy.

After going through an extensive analysis of a tens of thousands of apps and hundreds of different SDKs, we realized that there are 2 major domains of problems when using 3rd party SDKs. Both are crucial:

  • Security and Privacy – SDKs may contain viruses, malwares, backdoors or, most commonly, piggy-bag your app permissions to access your users’ private data.
  • User Experience – SDKs may contain bugs, consume a great deal of battery power and data, crash your app, slow down your app, and so forth.

During the last few months, we all read about major SDKs-related issues: apps that were banned from the stores because of a specific SDK that violated Apple or Google regulations, an ad-network SDK which  displayed ads that were  incompatible with the app’s ‘spirit’ (e-cigarette commercial in a kids app, someone?), marshmellow incompatibility of SDKs in an app that was supposed to be compatible… and the list goes on and on.

Basically, app developers must all ask themselves the following, ASAP:

Do I really know what’s going on with my app's SDKs? Can I really vouch for my app when I use so many 3rd party codes?

That’s exactly what led us to establish SafeDK. I focused my entire career on mobile development, and like everyone else, I constantly implemented SDKs the messy way… It took me a while, but I finally realized I was out of control, using so many SDKs. But I sure wasn’t going to work on all these SDKs’ functionalities in-house, so I created SafeDK to provide an optimal and elegant solution to this dilemma. This is simply what we say: Implement as many SDKs as you want, in order to create a wonderful app in the shortest time-to-market possible, but use SafeDK to maintain transparency and control over the SDKs code.

Continue Reading

5 Steps in Choosing the Right 3rd Party Tools (SDKs) for your Mobile App

November 11, 2015 1:44 PM

SDKs offer so much when it comes to developing a mobile app. As the mobile app industry has evolved, the amount of third party tools available has reached mind-melting numbers. This is both a blessing and a challenge for app developers.

Selecting those SDKs that are right for you is a skill. You don’t want to integrate too many SDKs, so you won’t lose control of your app entirely. You don’t want to be overly cautious and miss important capabilities in your app as well…

At SafeDK, we analyzed hundreds of thousands of apps and SDKs. We’ve talked to countless mobile app developers. We’ve established our SafeDK Marketplace, the one-stop-shop to find the best SDKs for you. This is why we can offer you the following tips to find the SDKs that best fit your needs. Define them, understand them and finally – find the right SDKs for you.

Continue Reading

Mobile SDKs: Use with Caution

July 22, 2015 11:19 AM

We’ve all heard of mobile SDKs. These off-the-shelf mobile services, which app developers integrate in your app for many purposes: advertising and payment, analytics and social, and many many more. No doubt these SDKs are a great help in your development process. They often offer unique functionalities, simplify your coding and save you precious time and money. It’s not a surprise that the 1,000 most popular apps contain on average 15 SDKs.

But SDKs are not really your code. It is actually someone else’s code interleaved with your own, yet you are liable for it. You are responsible for it in the eyes of Apple, Google and most importantly – your users. Why is this a problem? Well, in this post, I’ll explain two major domains of risk when using SDKs, and spice it up with a few real-life stories.

1. Security, Privacy and Compliance

The dark side of app permissions

Once hosted in the application, the SDK is part of the application code and can access any user data that the application was granted access to. If the app can access users’ location, contacts or private files, so does each and every SDK in the app.

We often see Android SDKs containing code similar to this:

if (context.checkCallingOrSelfPermission(“android.permission.ACCESS_FINE_LOCATION”)
              == PackageManager.PERMISSION_GRANTED) {
     Location userLocalLocation =
                localLocationManager.getLastKnownLocation("gps");
}

The SDK simply checks if the app was granted a permission to access the user’s location, and if so it takes advantage of it and accesses the GPS as well. We can often see that SDKs send this information to external servers.

Let this be a cautionary tale to all you folks integrating SDKs: what the SDK doesn’t tell you may hurt you. In the case above, the SDK could simply not declare using the Location permission and only exploit it should your app have it. All might be done behind the scenes, and worse – behind your back and on your watch.

Continue Reading