Your Brand Depends on Mobile Security
Over the past month, mobile security (or lack of it) has made plenty of headlines. In the last few weeks we have heard:
- SnapChat details for 5 million users being made publicly available on the Internet.
- Starbucks admitting that it has not secured user information in its mobile payment app.
- Subway’s pre-order app in California saving complete user information including credit card information in plain text.
- Although not related to mobile apps, Target was hacked for credit card and other information impacting 110 million customers.
While the rise of mobile commerce has been phenomenal over the past year, these incidents highlight the need for companies to pay more attention on securing user data.
Three reasons why a security breach happens:
1. Many companies and developers that are creating mobile apps don’t have the security experience seen in other software verticals.
2. Branding and user experience are typically more important factors than security, which takes a back seat.
3. Most customers trust the vendor to ensure their data is secure so their is little pressure for data protection.
Three simple steps we believe mobile developers should be taking to secure their mobile payment apps are:
1. App security should be as important as the user experience and be part of the early stages of planning.
2. All apps need to encrypt the data stored on the device.
3. Ensure mobile payment apps are PCI compliant. The Subway app would have immediately been red flagged under this scenario.
Ensuring your mobile app is secure doesn’t mean you need to radically change the way you do business. You need to have a team that understands mobile, enterprise security and marketing.
Companies are moving fast into mobile apps given the potential windfall and customer loyalty they create. That said, don’t let security be an afterthought. A single security breach can damage a brand very quickly and publicly. And recovery from that is not easy.