Security on any device that touches the Internet is a challenge. Apple provides solid foundations for securing applications, but app developers need to do their job as well. Most applications go through the Apple Store, which checks that they don’t have any apparent holes.
Application security has two sides. The application shouldn’t compromise user privacy or affect data that it shouldn’t touch. It also shouldn’t leak information to the Internet or to other applications, except for authorized data sharing, or let any unauthorized party tamper with its data or functioning.
The design of an application needs to include security from the outset. Developers can’t create an application and then make it secure. Each line of code needs to take into account the need to prevent any breaches.
How iOS makes applications secure
Apple considers iOS even more secure than macOS (aka OS X). The Mac operating system is based on a traditional file system model, where applications have access to all or most of the user’s files. On iOS, each application can read and write only the files with which it’s concerned. If it needs access to restricted information, such as the user’s contacts, it has to ask the user for permission.
Each application from the store is digitally signed, using a key that belongs to the developer. If the application has been modified, or if a rogue application impersonates a trusted one, the signature won’t match. iOS won’t run the application.
If an iOS device gets an application that doesn’t have a validated signature, it simply won’t run it. Adventurous users can override this by “jailbreaking” their devices, but then they’re on their own.
Businesses that have their own enterprise applications developed can get similar protection through the Apple Developer Enterprise Program. Authorized devices get a Provisioning Profile from Apple. This authenticates the applications and prevents them from running on any unauthorized devices.
What developers have to do
Good developers build on Apple’s base. They ask what risks an application could face and design against them.
To preserve data privacy and make sure it’s going to the right place, an application should use HTTPS connections to reach Internet servers. Data that isn’t sent securely can be intercepted and even modified. People often use iOS devices on public Wi-Fi, where interception is easy and public hotspots may not be trustworthy.
Apple provides hardware-accelerated encryption of files. Applications should use it for sensitive information. That way, a thief who acquires someone’s iPhone can’t take it apart and read the information directly from data storage.
A developer that creates multiple applications can register them in an App Group. This lets them share data and preferences so that they can work together. This lets a developer issue a suite of closely coordinated applications.
Taking the user into account
Users, unfortunately, don’t think a lot about security. Applications have to make it difficult to unintentionally give away their privacy.
If an app asks the user to create a password, it should insist on a certain level of complexity. Too many people use short, simple passwords that are easy to guess.
If the app gives the user a choice between a safe option and an unsafe one, the default should be the safe one. If it gives a choice among unsafe options, there shouldn’t be any default, and the user should get an “Are you sure?” confirmation. Users generally shouldn’t have to make security decisions; the developer knows more about security than the average user. The application should pick the most secure way to do things unless there’s a reason not to (e.g. the most secure option is much less convenient).
An application shouldn’t do anything which the user doesn’t expect or intend. This involves some tricky design decisions; the app shouldn’t burden the user with unnecessary details, but it shouldn’t run ahead and make assumptions about what users want. If an action is risky or could disclose or delete information, it’s especially important to make sure the user wants to do it.
The secure application
When an iOS developer takes all these issues into account, the customer can use the app with confidence that it will work as it’s supposed to and not leak data. Software is so complex that there’s never a 100% guarantee of being bug-free, but good development practices keep the risks very low.
At AppIt Ventures, we follow the best development practices to give you a reliable, secure application. Contact us today to discuss your development needs and see how we can help.
