Most of the apps published in a public app store are at the mercy of the users who download them.
Unfortunately, not everyone who downloads your app has good intentions. In fact, some people have decidedly malicious intentions, and you won’t know that your app is in harm’s way until the damage is done.
Before I further explain how you can keep track of your apps, it’s important to understand the risks involved when releasing an app. Anyone can download an app from Google Play or Apple’s App Store, and every instance of your application runs in an environment you cannot trust. You don’t know if the device has been jailbroken, stolen, or resold (without first being wiped clean). Furthermore, even apps that have protection applied operate in an open loop. There’s no secure mechanism for an app to “phone home” to communicate its current threat status, so developers cannot be alerted to malicious activity or update protections to stop it.
Because of these dynamics, public app stores are a veritable playground for attackers. By starting with a debugger, attackers can reverse engineer virtually any app they download from a public app store. This allows attackers to determine how an application runs and do any number of things to wreak havoc. For example, they can insert code into the application that enables them to steal user credentials, and then trick users into downloading and installing the modified version.
While the app stores work diligently to prevent these kinds of counterfeit apps from being made available, attackers work equally diligently to get their apps listed or use methods like phishing to get users to install the app directly. The attackers can then obtain the credentials of any user that proceeds to use the modified app. Attackers can also see if the encryption keys used to transmit sensitive information are properly protected. If not, an attacker can uncover the API keys and use them to communicate to the server and begin attacks against the data center.
These attacks can have devastating consequences. User data can be stolen, putting businesses at risk of regulatory compliance violations and bad publicity. Financial fraud can be committed, resulting in lost revenue. And, of course, there’s the loss of customer and shareholder trust, all of which eventually damages brand reputation. If the attack goes on long enough, a business could sustain irreparable damage.
The best way to mitigate the risks apps face out in the wild is to close the protection loop. Instead of releasing an app and placing your trust in the security of the app store, you create a system that gives you immediate feedback about the app’s security posture. The key lies in the ability to insert protective code into the application before publishing. By inserting protective code at various points in the application that can send secured information home, you gain visibility into activities concerning your app. Not only can you see whether it’s been downloaded onto a jailbroken or rooted device, but you can also see who or what is putting your app at risk and how.
Once you know that an app is in harm’s way, you can fully close the loop by taking the appropriate actions. For example, you can deny access to specific users in real time or release an updated (more secure) version of your app to prevent the same attack from recurring. The data that you collect from your app can be used by itself, or it can be fed into other business intelligence or SIEM tools that monitor network traffic. Either way, you have the visibility needed to protect your app in real time.
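To make the "closed loop" concrete, here is an added example (not code from the original post or any particular product) that models both halves of it: the in-app side signs a threat report so it cannot be forged in transit, and the server side verifies it, maps the reported signals to an action such as denying the session, and emits a SIEM-ready event. The signal names, the shared key and the sample report are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed shared secret for the example; a real deployment would provision
# a per-build or per-install key out of band (assumption, not from the page).
SHARED_KEY = b"constructed-example-telemetry-key"

# Threat signals the in-app checks report, and the server-side response to each.
POLICY = {
    "rooted_or_jailbroken": "deny_session",
    "debugger_attached": "deny_session",
    "signature_mismatch": "deny_session",  # repackaged / counterfeit build
    "hooking_framework": "alert_only",
}

def sign_report(report: dict, key: bytes = SHARED_KEY) -> dict:
    """App side: serialise the report canonically and attach an HMAC-SHA256 tag."""
    body = json.dumps(report, sort_keys=True, separators=(",", ":"))
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}

def verify_report(envelope: dict, key: bytes = SHARED_KEY):
    """Server side: constant-time tag check; return the report, or None if forged."""
    expected = hmac.new(key, envelope["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, envelope.get("tag", "")):
        return None
    return json.loads(envelope["body"])

def handle_envelope(envelope: dict, key: bytes = SHARED_KEY) -> dict:
    """Close the loop: verify, decide an action, and build a SIEM-ready event."""
    report = verify_report(envelope, key)
    if report is None:
        # A report that fails verification is itself a signal worth acting on.
        return {"user": None, "device": None, "action": "deny_session", "reasons": ["bad_tag"]}
    reasons = [s for s in POLICY if report.get("signals", {}).get(s)]
    actions = {POLICY[s] for s in reasons}
    action = "deny_session" if "deny_session" in actions else ("alert_only" if actions else "allow")
    return {"user": report["user"], "device": report["device"], "action": action, "reasons": reasons}

# Constructed sample: an instance running on a rooted device with a debugger attached.
sample = {"user": "u-1001", "device": "dev-7f3a",
          "signals": {"rooted_or_jailbroken": True, "debugger_attached": True, "signature_mismatch": False}}

if __name__ == "__main__":
    print(json.dumps(handle_envelope(sign_report(sample))))
```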
It’s incredibly important to secure your app during the development process. But it’s equally important to be able to monitor your app in the wild, once it’s exposed to the best and the worst of the web. This will enable you to implement efficient threat response that leads to reduced risk to your company over time.