What should we pay attention to when develop a safer APP

Due to the growing popularity of Android and iOS,mobile app developer submit an average of about 1,000 app applications daily at the Apple App Store. Experts calculate that there will be more than 2.15 billion smartphone users worldwide by 2017, a figure that alone answers the fact that mobile app development will be considered the most intriguing thing. Starting from the application's security, let's take a look at the top ten mobile app trends. In 2016, the use of mobile applications accounted for 86% of mobile clients, an increase of 6%.

So what are the key barriers to effective mobile security?
Due to the open source feature, Android has won the support of the majority of manufacturers and developers. According to a foreign research report, the share of China in the first three months of July this year dropped to 14.3%. At the same time, Android market share increased to 85%, setting a record high. The growth of market share makes the Android application market more prosperous, but there is a growing prosperity behind the growing problem that a large number of Android apps are pirated. Domestic Android app piracy serious and domestic ecological, various domestic Android market distribution channels, while there is only one foreign Googleplay.
The lack of a clear market definition and understanding in a global business community, the lack of understanding of modern security vulnerabilities, has the consequence that business leaders lack the purpose of buying; traditional rather than mobile priorities, devices and networks Security; a device-centric, user-centric approach; a lack of security standards in an innovative emerging market; and the security of mobile devices and applications.

We have outlined the following approaches: Avoiding / reducing threats and risks:
The traditional access control, that is, the protection of device passwords and idle time screen locks; the application source where the user decides whether they want to use an application based on the publisher's identity; encryption, that is, in such a way that only authorized parties can access it The ability to access sensitive data and systems within the limits of authority; access-based access control, which grants permissions and then limits the application's ability to access devices / systems within its authority; There are many developers lack of security awareness, developed Android app did not take any protective measures, can be easily anti-counterfeiting pirates.

Some syntax and design specific to android programming, there is also the risk of being attacked, usually our code will be carried out before the official safety scan, scan the most important thing is to scan the following points: This is relatively simple, does not allow the printing of sensitive data, and then Before publishing the print log must be turned off the switch. In order to start another application Activity, we often use some implicit Intent, if it contains some sensitive information, as long as the third-party app registered the same Intent Filter, it is possible to intercept sensitive information, so send an implicit Intent , You must specify the recipient and permissions.