Around two weeks ago, we started a new initiative at Appknox. The intention was to start a collection of detailed articles about the various threats listed by the OWASP Top 10 Project. While we have been discussing the web, today we’ll also start a new collection on threats pertaining to mobile platforms.

Mobile has grown tremendously all across the globe. In certain regions like India and South-east Asia, there are more cellphones than people! Along with devices, mobile apps have also grown manifold. Suddenly, consumers are more confident with the convenience offered by their mobile phones. Whether you are at home, at the office, driving in your car or in a hotel room in another country – you can easily manage your work and personal data, bank online, shop for new clothes, travel and much more.

While this extreme level of growth and convenience is exciting, it has also brought with it an extreme number of security risks as user credentials, bank data and other information are easily flying between devices and backend systems all across the world.

Below, you’ll find the top 10 mobile security risks as defined by the OWASP Top 10 Project for Mobile. Understanding these risks can help you prepare your app and protect yourself, your data and your users. Starting next week, we will be discussing each threat in detail. For now, here are the most commonly found security threats in mobile:

  • M1: Weak Server Side Controls
  • M2: Insecure Data Storage
  • M3: Insufficient Transport Layer Protection
  • M4: Unintended Data Leakage
  • M5: Poor Authorization and Authentication
  • M6: Broken Cryptography
  • M7: Client Side Injection
  • M8: Security Decisions Via Untrusted Inputs
  • M9: Improper Session Handling
  • M10: Lack of Binary Protections

Follow us to stay updated about what you need to do to keep your mobile application safe from attacks.

  • Harshit Agarwal

    Here, what “Lack of binary protections” is should be learned in detail, and it can be attributed mainly to three very common aspects, which are:

    1. App software that is arranged in an untrusted environment will very often turn into prey for attackers through reverse-engineering, modification, analysis and exploitation.

    2. An app software environment that is easy to access will allow attackers to gain entry into the app binary in such a way that compromising acts can proceed very easily through damaging its integrity and technique.

    3. Reverse engineering through binary compromise can result in many negative impacts on the app and its user.