If you are an avid WhatsApp user, you surely noticed the recent encryption disclaimer (that can be seen in the screenshot shown below) following one of your recently sent messages. But what does this notification actually mean?
This encryption secures chats between the sender and recipient, making them absolutely inaccessible to external parties – whether that's hackers or other uninvited guests. It also passes the idea, to all mobile app users, that Facebook, owner of this popular messaging service, is actually taking a major stance on consumer's privacy.
The timing of this implementation is quite interesting, considering all the recent events regarding the debate between the FBI's claim for the need to access the information inside the iPhone owned by one of the San Bernardino shooters – a debate that was also about user privacy.
In any way, security concerns transcend this major case, as it's an issue related to espionage, client trust issues, private exchanges between individuals, and the highly legalistic nature of the American business environment (ex. business confidential material exchanged). People in general are keen on protecting their private assets, from credit card data to messaging with one of their contacts.
The highly discussed WhatsApp example does serve to remind us all that, despite all these concerns, app security has been prioritized as a critical issue within the consumer market. This makes sense, especially when considering the amount of apps created by amateur developers without consideration for the privacy of users and the security of personal data.
According to Tony Pepper, CEO of Egress Software Technologies, making encryption “the norm” will go a long way in reducing IT resistance from other potential adopters, as well as encourage employees to push for the same sense of security across other work-related tools, thereby creating “a safer data sharing environment for everyone“.
This is of utmost importance, especially considering that, according to Flurry Analytics, but how can small and medium-sized companies ensure the security of their mobile apps?
Even with all the news surrounding encryption, not all companies have the resources to do so. According to a Security Week article highlighting a study by Ponemon Institute, companies are facing difficulties in adequately addressing this subject. The study found that, out of 640 individuals associated with app development and internal organizational security issues, an overwhelming majority found securing mobile apps to be “very difficult”.
In addition, the study reports that “only 29 percent said their companies have the resources necessary for preventing the use of vulnerable or infected applications”, and that “well over half of organizations lack the necessary mobile application security expertise.”
These alarming statistics are eased by the existence of tech platforms such as Beame.io, that has developed encrypted communication capabilities to fast-track the security of mobile apps. Their solution helps companies with smaller budgets to identify and eliminate mobile security issues, essentially by acting as a software-based network, turning mobile internet users into an SSL server to easily integrate web apps.
For instance, Beame's technology requires additional authentication requirements to enable secure browsing and works to protect sensitive data store on mobile, from passwords to specific software licenses.
The consumer market is hungry for solutions like Beame, as they provide cost-effective alternatives without sacrificing security quality and effectively reduce the need for resource-intensive in-house security systems, and make encryption more of a reality for everyone, regardless of how big their budget is.
With the rising demand for user privacy, commercial entities – from the freelance mobile app developers to larger mobile app producers – will need to account for the privacy of their clients, as well as data security. After all, failing to account for these demands may create consumer backlash and long-term reputation damage for mobile app developers.