Custom Made vs. Off-The-Shelf Mobile Apps – The Issue of Security
The article is written by James Burbank, who runs a business blog called BizzMarkBlog.
In October 2015, Blakely Thomas-Aguilar did a great article on mobile security statistics on the VMware AirWatch blog that can and will send shivers down your spine. For example, she found that there was an increase of 18% in the number of Android vulnerabilities between 2011 and 2015. She also found that OS X malware was 5 times more common in 2015 than in five years preceding it combined. The most terrifying statistic that she discovered was that Gartner stated that more than 75% of mobile apps would fail even the most basic security tests.
One thing was (and is) certain after reading her article – mobile apps struggle with security .
There are innumerable reasons why this happened and one of them is definitely the fact that more and more businesses are choosing off-the-shelf mobile apps, as opposed to those that have been custom-designed for them.
Off-The-Shelf Mobile App Basics
Before we start talking about the security issue in the field of off-the-shelf mobile apps, we should probably say a thing or two about this type of mobile apps. As their name would suggest, these apps are purchased much like any other product that is manufactured for mass consumption.
The process is a simple one. The first thing to do is to choose a reputable company that does this kind of mobile app development. Next, you choose one of the customizable templates, as they all work with templates that can be used for a number of different businesses and their future apps. You then fill the app with your own data and information, customizing it so that it does not look like every other from your industry and you are on your way. It does not end there, as some such companies offer certain more advanced options. One of the largest mobile app builders, Bizness Apps, for example, also lets you scan your already existing website and get an app that will be coordinated with it, which is always a plus.
In the vast majority of cases, you will be able to develop an app like this for free, just so you can see what it would look like. However, launching it and making it useable will cost you a monthly fee.
Main Differences from Custom-Developed Apps
Of course, there is a deal of differences between off-the-shelf apps and the "more traditional" custom-developed ones.
First of all, there is the issue of price which is definitely on the side of the off-the-shelf apps. The majority of app builders sell their apps for the price of up to $50 a month, whereas getting a custom app developed could cost you anywhere between $10,000 and $500,000, even a million for the most advanced apps. These app makers make it possible for small businesses to launch their own apps without breaking the bank.
These off-the-shelf solutions come with limitations, however, and it is important to understand this. They will be based on certain templates and while most small businesses will be able to customize them to suit their needs, there are certain features that might not be available. In addition to this, such apps are never totally, 100% unique and they will most likely resemble apps developed on the same platform.
Still, for most SMEs, these compromises are more than worth the price difference.
The Security
Finally, we come to the issue of the day and the subject that will be of most interest to TeskaLabs blog readers – the security issue.
Since off-the-shelf mobile apps are based on certain templates, it goes without saying that the level of security measures they provide can never be the same as the one you get with custom-developed apps. While certain app builders will give you the chance to pay for more advanced security measures, they will hardly be as good as those you would get with custom-developed apps.
Certain app builders also use platforms that aged quite a bit and their security measures may not exactly be the most cutting-edge. In addition to this, certain security vulnerabilities that are innate to specific platforms may be known to individuals who have stopped working for these companies years ago and who might use these vulnerabilities to their illegal ends.
Because of this, if one decides to go with one of these apps for their business needs, it is always a good idea to consider (and reconsider) going for some added layers of security, such as the one provided by TeskaLabs.
Closing Word
App builder websites can definitely be an intriguing proposition for small business owners who do not have the means to hire the services of app developers who will do a custom app for their needs. That being said, they should definitely remember that there are limitations to off-the-shelf solutions, especially when it comes to the security of their future app.
AUTHOR: James D. Burbank has spent more than a decade in the world of marketing. The last few years, he's been trying to stay on top of all things online marketing. With some friends, he runs a business blog called BizzMarkBlog.
If you’d like to get a true assessment of the security of your mobile application and its backend, please check out our Mobile App Security Audit service. Alternatively, request a FREE Demo to know how we can assist you with the security of your mobile solutions.
Most Recent Articles
- A beginner-friendly intro to the Correlator for effective cybersecurity detection
- Inotify in ASAB Library
- From State Machine to Stateless Microservice
- Entangled ways of product development in the area of cybersecurity #3 - LogMan.io
- Entangled ways of product development in the area of cybersecurity #2 - BitSwan
You Might Be Interested in Reading These Articles
Having Fun with Your Android Apps? So Do Cyber Criminals
You love your Android phone and you love to go to the Play Store and download exciting new apps. You have also been through the Crazy Birds obsession and the Candi Crush mania. But do you know that your Android phone is not secured against the smartest of breaches: mobile app hackers. Before we go ahead and explain the intensity of this threat to mobile apps, especially Android apps, let’s have a look at the facts and figures!
Published on January 05, 2015
The 8th version of the European Certificate Trust List (ECTL) for C-ITS has been released
The Joint Research Centre of the European Commision (EC JRC) released the eight edition of the European Certificate Trust List (ECTL) used in Cooperative Intelligent Transport Systems (C-ITS). L0 ECTL v8 contains five new Root CA certificates and one re-keyed Root CA certificate. Three out of five newly inserted Root Certificates are installations that run on the TeskaLabs SeaCat PKI software for C-ITS.
press
automotive
c-its
v2x
security
Published on September 16, 2021
OpenSSL DROWN Vulnerability Affects Millions of HTTPS Websites and Software Supporting SSLv2 (CVE-2016-0800)
DROWN is caused by legacy OpenSSL SSLv2 protocol, known to have many deficiencies. Security experts have recommended to turn it off, but apparently many servers still support it because disabling SSLv2 requires non-default reconfiguration of the SSL cryptographic settings which is not easy for common IT people who have limited security knowledge and don’t know the location to disable this protocol and the way to disable it.
Published on April 12, 2016