Mobile Device Security: Data Protection on iOS and Android
Mobile device security is an important consideration in the digital age, given the high amount of time many of us spend using phones and tablets to conduct personal and corporate business. You may already know that you can turn your own Android device into a hacking machine by using termux for windows, but this just goes to show how careful you need to be. If you can do that by downloading some software, imagine what professional hackers can do to access your personal data. Android and iOS devices employ various security measures to keep data safe. If you use a mobile phone for business use, it might be in your best interest to invest in Mobile Threat Defense beyond the built in systems for extra security.
In this post we compare two security methods used on both devices: data encryption and data accessibility. We’ll wrap up with recommendations for steps you can take to protect your data and improve your mobile device security.
Encryption is the process of encoding user data on a device using encryption keys, and it is the primary method by which mobile device security is achieved. After initial encryption, user-created data is automatically encrypted before being saved locally on your device. Encryption ensures that your data will be unreadable if any unauthorized party tries to access it.
After an Android device is initially encrypted, data stored on the device is secure behind the passcode known only to the owner. Android uses both full-disk encryption and file-based encryption. Full-disk encryption uses a single key, protected with the user’s device password, to protect the entirety of the data on the device. Upon start up, the user must provide their credentials before any part of the disk is accessible. File-based encryption is separate from this, and allows different files to be encrypted with different keys that can be unlocked independently. Information about these two types of encryption (and more) can be found on Android’s Source.
With the introduction of Android 5.0 Lollipop in 2014, the default setting for encryption was turned on, but phone makers were not required by Google to enable encryption as the default. That changed in 2015 when Android 6.0 Marshmallow was released. At that time, Google required device manufacturers to enable encryption as the default, but they also allowed some manufacturers to disable this feature for devices that couldn’t handle the workload. In addition, each phone manufacturer can modify the look of Android by adding or removing features, which may introduce bugs or security vulnerabilities in the process. As a result, due to the number of Android device makers and different requirements for some, security can be compromised.
For iOS, you can choose to encrypt the contents of your phone, tablet, or watch by adding a passcode to the device. With the release of iOS 8 in 2014, Apple began encrypting iOS devices, making items stored on the phone inaccessible to anyone without the device’s passcode. Apple took mobile device security one step further by requiring multiple pieces of information to unlock data stored within the device. One piece, the passcode, is known only by the device owner and the other is embedded inside the device and unknown to anyone. Technical information about iOS security can be found on the most recent iOS Security white paper.
As it pertains to mobile device security, the concept of data accessibility refers to whether the data saved on your device is accessible to other apps. Android and iOS approach this accessibility a bit differently.
Each Android app is housed in a virtual sandbox that keeps personal data safe. Apps are able to access photos and location only if owners give permission. However, app data is sometimes saved external to the app and may be accessible by other apps, creating a potential security concern.
Data can be saved in three ways for Android apps: internal storage, external storage, or by a content provider. Files created on internal storage are accessible only to the app and Android implements this protection, which is sufficient, for most apps. Additional security can be provided by encrypting local files using a key that is not accessible to the app through file-based encryption. Files created on external storage, such as SD cards, are globally readable and writable and therefore sensitive information should not be stored there. Content providers (e.g. services like Dropbox) offer structured storage that can be limited to one app or exported to allow access by other apps.
In Android, app developers are able to programmatically query device information, including the device phone number. Apps can request permission to allow read access to your phone’s information, and can then use this permission to monitor the call status of your device, for example, to behave correctly when you receive an incoming call. However, this permission also enables apps to have access to your phone’s identifying information, such as IMEI, phone number, and cellular network information.
Like Android, every app on an iOS device runs in its own sandbox. App Sandbox is designed to contain damage to the system and the user’s data if an app becomes compromised. The app has access only to its own data and code, and as far as it knows, it’s the only thing running on that device. Well-defined protocols exist to exchange data between apps on an iOS device, but both apps have to agree, and a specific conversation has to happen between the apps for the data to be transferred securely.
Apple controls the underlying device infrastructure and does not hand any of this control over to developers. iOS blocks apps from reading phone number or device identification from the device. This control is a major difference between iOS and Android. At InspiringApps, we have occasionally received requests to develop an app that will change the behavior of another app, such as iMessage, which is impossible to do with iOS.
The steps that Apple has taken should give users comfort that they are running apps from known developers and that those developers have created apps that play by the rules on the platform.
Check the encryption status of your device by opening the Settings app and selecting Security. The Encryption section will contain the encryption status of your device. If it is not encrypted, find a time when you do not need your device for about an hour, then tap the option to encrypt it. Depending on your device model and data, it may take up to an hour to encrypt your device. In addition, keep your OS up-to-date as security enhancements are included in new OS releases.
Set up Touch ID & Passcode under Settings. Use an alphanumeric passcode containing at least six digits. The longer password is more time-consuming to enter, but with Touch ID enabled, you will not have to enter it too often. Keep your OS up-to-date. Apple will remind you regularly when a new version is available to install.
Interested in learning more about data security and protecting your personal information? Over the past month we’ve discussed several ways to protect your privacy in the digital age. Check out our post on the practice of behind-the-scenes data tracking (and how to opt out if you desire), as well as the post on protecting personal information you pro-actively provide.
Let’s build something together
We’re celebrating 15 years of InspiringApps—and we have a lot to be thankful for. Our company history is rich in milestones, steeped in the Boulder foothills, our passion for developing code, and our commitment to inspiring our clients and our team. This blog post highlights just a few of the milestones that helped us get where we are today. The Early Years: InspiringApps Is Born Our journey began in Boulder, Colorado, in September 2007, where developer and entrepreneur Brad Weber founded InspiringApps. Having spent over 12 years developing custom web and desktop apps as a one-person shop, Weber wanted to grow a team that could tackle larger-scale apps that drive change. InspiringApps is the result of that vision. While InspiringApps focused first on custom desktop and web applications, Weber recognized an opportunity with the launch of the iPhone, and the company quickly expanded to mobile app development. This timely pivot became the launchpad for InspiringApps’ many years of success. Working with clients like Nurses for Newborns Foundation and Church Publishing, building apps like ePCR for iPad and Upbeat Workouts, we inspired new generations of business and consumer app users alongside the dawn of an increasingly mobile-first era. With the novelty of the mobile app market, most of our clients were entering the app world for the first time, so we had a lot to give back and share. In 2012, we wrote the first edition of our book. After helping many business leaders get up to speed quickly, we wrote a second edition—available for free here: InspiringApps: A Business Perspective on Building Mobile Apps. We dedicated ourselves to building apps that functioned exceptionally well in those early years. Fifteen years in, we’re proud that “Finish line every time” is our InspiringApps guarantee. Better Together: Award-Winning Partnerships The next several years (2013-2018) marked another period of expansion through incredible client and team collaboration. For everyone at InspiringApps, enterprise app development became a matter of good stewardship. We built a culture where we could design and develop amazing digital products together, adding design as a core element of our services that makes our development stand out. And in the years that followed, we were honored to be considered an award-winning app development agency on an international scale. In 2015, the retail merchandising app we created for SmartWool was named the winner of the Tabby Award/Business in the iPad App: Data Access & Collection category. That same year, a sales presentation app that InspiringApps developed in conjunction with Gulfstream Aerospace took second place to Adobe in the iPad App: Marketing & Presentation category. The Tabby Award/Business is the only global competition that recognizes the best enterprise and business apps in the industry. In 2018, we won two Davey Awards honoring creative work from the best small companies worldwide: a Gold Award for the design and development of the Empath app and a Silver Award for our work on the Artifact Uprising app. InspiringApps was one of 13 companies out of 3,000 nominations that received a Gold Award in the mobile category in the Daveys that year. By the end of 2018, our team had grown to encompass highly experienced, tenured software developers, designers, and creatives. We’d served over 75 clients, from startups to some of the world’s largest companies like Google and Toyota. We’d delivered over 150 apps for all kinds of smart devices, continuing to inspire how people live, work, and play. The Pandemic Years: A Rebrand for a New Chapter It can be hard to think about the pandemic years in a positive light, but embracing challenges is part of what we do every day as developers. As digital transformation accelerated, so did we. InspringApps had a number of successes beyond 2019. In 2020, while many large enterprises lost personnel, our team grew stronger and larger. We took many steps to create a remote-first culture that served our clients and our team, including forming a leadership team to provide support and hosting open feedback sessions. We were honored to continue building apps with impact—like the Cancer Excercise app, which was the first mobile exercise app for iOS designed specifically for cancer survivors. The app was nominated for a Best Mobile App Platinum Award in 2020 and won an AVA Digital Gold Award in 2021. In early 2021, our newly expanded design and marketing teams set out to capture the message and aesthetics of InspiringApps with a purposeful company rebranding. Visualizing the mountains of Boulder, our code, and our core values, we created a new identity and style. Our new logo, website, and messaging reflect not only InspiringApps’ foundation but also our continued focus on a values-based culture. By the time InspiringApps was celebrating our 14th birthday in September of 2021, we had also achieved another milestone: becoming Great Place To Work Certified™ for the first time in the company’s history. 2022 & Beyond: Deeper Roots Into the Future InspiringApps has made a concentrated effort to set ourselves up for a bright future. We’ve already experienced major growth, especially in fintech app development. We’ve invested time and talent to prepare our people and processes to support this growth. And as a result, we’re designing and building better-quality products more quickly than ever before. This year marked the launch of another first for InspiringApps: Explore Orion is designed for uses beyond the confines of planet Earth. In the free app developed by InspiringApps with Lockheed Martin, users can interact with Callisto, the exciting new technology that delivers messages into outer space. Explore Orion encapsulates what we do here at InspiringApps: we work with leading companies to bring their mission to life. Closer to home, one of the core projects we launched this year was an initiative driven by our employees’ feedback and desire to give back. The new program, IA Commits, provides an affordable option for local organizations, limited-budget, and not-for-profit clients to bring their web and mobile app dreams to life. But in a deeper way, it also aims to change the tech industry’s future by providing transformative career and training opportunities to underrepresented aspiring developers and coders. In 2022, we also implemented Innovation Day, which allows our team to grow and gain new skills that will serve InspiringApps and our clients well into the future. Concluding Thoughts InspiringApps designs and develops custom mobile and web solutions that help people. We’ve helped millions of users with apps that are as easy to use as they are aesthetically pleasing. We help entrepreneurs start businesses around the products we create. We help organizations bring their mission to life. Growth occurs when we seek to solve problems, make mistakes, and improve along the way. Empathy leads our team to design and build thoughtful products. We’re proud to share all of our unique achievements, especially with our communities, partners, friends, and family—all of whom we want to thank for an incredible history and a continued path to success. Together, we make InspiringApps.
3 days ago
Apps have the ability to revolutionize the nonprofit sector. With a well-developed app, a nonprofit can streamline its processes and improve its donor base. From charity apps to donation apps and fundraising apps, apps can make a world of difference for a nonprofit or charity organization. In this post, we’ll share how to develop a nonprofit app that will make a difference. 1. Keep the mission front and center. One of the most important things to consider when developing an app for a nonprofit organization is whether or not the app’s purpose aligns with the organization’s mission. There are many reasons nonprofit professionals seek a software solution through a custom app: Bring awareness to your nonprofit’s cause. Interact with your community. Augment the experience of interacting with your nonprofit. Make operations more efficient. Manage volunteers or coordinate board member activity. Keep supporters informed. Attract donors through fundraising for your charity. Help others. But regardless of these reasons, the most successful nonprofit apps are those that keep the nonprofit organization’s mission at the forefront. If the app is not directly related to the organization’s mission, it’s likely that it will not be used by the organization’s target audience. For this reason, it’s important to make sure that the app’s purpose is in line with the organization’s goals. Throughout the mobile app development process, keep the mission in mind and make it a priority. Apps on a Mission: Examples Volunteer & Donor Apps To Mobilize a Charity The American Red Cross has a stated mission of “mobilizing the power of volunteers and the generosity of donors” to respond to disasters, alleviate suffering, and support human rights. In line with this mission, their volunteer app, Volunteer Connection, enables existing volunteers to manage their activity and stay more engaged with the charity through a mobile app. The Blood Donor app is another charity app offered by the American Red Cross. Through the donation app, they can send push notifications alerting the public of blood shortages. It streamlines and enhances the charity’s donation process and user experience, enabling donors to locate nearby blood drives, get notified when their blood is on its way to a patient, earn achievements, and more. 2. Make your app easy to use through thoughtful design. A key benefit of your nonprofit app is user participation. You can use your app to engage with users who are passionate about your nonprofit organization’s cause. But even for the most important cause or well-known charity, you may lose users if your mobile app is confusing to use or otherwise poorly designed. For nonprofits, user interface and user experience are essential tools to keep your users engaged and motivated to continue interacting with your cause or charity. Here are a few app design tips to help ensure your mobile app is easy to use. Put the User First Is your user a volunteer, supporter, community member, charity champion, or donor? For that user, your app should make complex tasks simpler. During mobile app development, make the user interface and experience as streamlined and straightforward as possible. Prioritize Accessibility Accessible to everyone means ensuring that the app is available in multiple languages, as well as taking into consideration users with different abilities. By making the app accessible to all, you’ll ensure that it can be used by the widest possible audience. Avoid Clutter Creativity is encouraged, but clarity reigns. Instead of cluttering your mobile application with too many design elements, try to keep it simple and readable. Use Your Brand Choose bright, inviting colors and design elements that align with your brand’s message. Use a Dashboard A central dashboard helps the user stay oriented and motivated. It’s essential to keep it clean and effective. Include critical information here. Visualize Data Visually display fundraising or other cause-related metrics that donors, supporters, and volunteers care about, like the money raised, hours donated, or meals packed. Follow the Leaders Google and Apple both have interface design resources. Following these best practices ensures you’ve put the proper thought and care into your mobile app development and design. 3. Collect and respond to feedback. One key to success for any app lies in collecting and responding to user feedback. The benefits and use cases for feedback include: Determining How To Update Your Nonprofit App: Reviews are a great way to stay in touch with the ongoing desires of your user community. This is especially important for a nonprofit app, as it can help the organization fine-tune its offerings and make improvements. Marketing Your App: The value of positive reviews is high in influencing how your mobile app ranks in search results on the app stores and in compelling others to take the risk to download your app. Protecting Your Reputation: Collecting in-app feedback about bugs and usability problems can often help avert negative public posts by allowing you to quickly fix any issues. Here are some best practices for managing feedback. Prompt for Reviews While some users will choose to leave feedback on their own, others benefit from being prompted. To increase the quality of the feedback, request reviews when users have already used and are familiar with your mobile app. Respond to All Reviews Remember that users want to be heard. We recommend that you respond to all reviews, no matter how positive or negative they may be. Represent Your Brand Responding to reviews is no different than interacting with users through social media, email, and discussion forums. Take care that you are thoughtful in your approach. Encourage Direct Outreach Nonprofits can provide a contact number or email address to encourage users to contact them directly and address unique concerns. 4. Keep your app updated. You’ve developed your nonprofit app and released it to the world. Things are going great, and your charity is seeing the rewards of investing in nonprofit app development. But an outdated app usually isn’t a highly used one. How do you keep a user coming back? App updates are an integral part of the business plan for nonprofit organizations seeking to develop an app. Here are some factors that may inspire (or require) you to update your nonprofit app. Features & Improvements Even after you release your app, the user experience will continue to be the most important place to focus your time. Straightforward apps may hit the nail on the head at launch, but most apps go through a few iterations before they offer the desired experience. Keep track of your app store rankings, download growth trends, and social signals in online mentions and reviews. In-app analytics can provide insights into how users progress through different locations and features within your app. Monitoring performance also helps to bring to light any issues that could be causing users to abandon your app. Great app ratings and reviews come from a great user experience. Learn from your users’ feedback, and put that into regular updates with new features and improvements. Operating System Releases Many of our clients rightly ask whether an operating system (OS) update will impact the functionality of a native app they built on a previous OS. The answer is, generally, “It might!” With a new OS release, it’s always wise for mobile app developers to review existing code. This way, you’ll ensure your app will work as well on the user’s mobile device as it did when it was first written. For more information on the implications of an OS update, check out our article: How do OS updates impact apps? 5. Promote your nonprofit app. Before your mobile app is launched, you’ll want to be ready to promote it through traditional and digital channels on the Apple App Store, Google Play, and beyond. While the methods for promoting your mobile app may vary, here are a few tried-and-true marketing strategies to connect people to your cause. Advertising & Content Marketing Getting the word out there is essential for nonprofits to ensure that people are aware of and using the app. Applying a tandem advertising and content marketing strategy is an excellent way to succeed here. Go beyond making a great first impression by marketing your nonprofit app to attract, engage, and exceed your users’ expectations. A Google Ad Grant can equip your nonprofit with up to $10,000 in free search advertising per month. With content marketing, you can make helpful and valuable content for potential users, drawing them to your website through articles, infographics, or videos that help your audience achieve their goals. You can develop content that will attract users to download your app and then use Google Analytics to optimize it for search rankings. For example, the Charity Miles app is a fundraising app that enables users to earn money for charity whenever they walk, run, or bike. The blog covers topics on employee engagement and success stories to attract potential user groups and sponsors. Website Landing Page There are many free tools you can use for your nonprofit’s website. A website with a landing page specific to your app will help promote your app, its features, and its launch date. Provide a contact form to collect potential users’ email addresses. Invite people to sign up for launch notifications and provide social media sharing tools so fans can begin recommending your app to others. The goal is to build excitement and collect data that will power other elements of your marketing campaign. App Store Listings A compelling app store listing is a vital component of marketing your app. App store listings feature your icon, screenshots, and video previews. They appeal to potential users by providing an attractive and informative visual summary of the app’s design and key features. While there are many components to your app store listings, here are the top three items to focus on to create a great one: Keywords Knowing and using relevant keywords is imperative—we can’t emphasize it enough. In today’s digital world, all content is filtered before it’s delivered to you. From the Instagram posts you see first to the order of websites a Google search returns, keyword rankings help you find the information and products you want. Promotional Descriptions Just like social media captions and website previews, only so much of your description is visible to your potential user when they first arrive on your listing. This promotional description text is your app’s chance to stand apart in a lineup of similar offerings. It should pack a punch and convey your app’s value. You’ll want to be compelling here and include at least one of the keywords you identified. Multimedia For highly visual apps, preview and promo videos can enable you to overcome the challenge of articulating in words a concept better seen in action. But any app can benefit from a video by offering potential users a refreshing way to experience features before downloading. Social Media Social media is a cornerstone of getting the word out and should be central to your promotional strategy. Here are some best practices to keep in mind: Start well before app launch by establishing a presence on multiple platforms, including Instagram, Facebook, Twitter, and LinkedIn. Consider a variety of media, including video and TikTok reels. Note that your charity or exempt organization may be eligible for the YouTube Nonprofit program. Encourage interest, build excitement, and increase engagement with announcements, screenshots, and previews. Direct traffic to your website and app store listings to attract your target audience and build awareness with potential users. Email Outreach Whether you use the nonprofit cloud or a simpler option, email marketing can be a powerful tool for creating brand awareness and keeping your cause top of mind. You can enable fans to join a waiting list or to opt-in to receive immediate announcements on launch day and stay engaged through email marketing. You can also use marketing emails to send users informational tips or promotional offers. Notably, Salesforce offers 10 user licenses for free to nonprofits, making sophisticated marketing tools available to smaller organizations to do customized email outreach. With the nonprofit success pack, you can use your data to create segmented communications and personalized content for email campaigns. Targeting your message to your audience helps encourage open rates and click-throughs. Press Kit A press kit informs reporters and bloggers about your app. Hit the ground running on launch day by creating a single-file kit that includes everything the press needs to help generate buzz about your app: Press Release App Store Icon & Screenshots Video Demo App Description Reviews About Your Organization Concluding Thoughts Make an Impact With Nonprofit App Development Applying technology in innovative ways can help nonprofits stand out. Working with a mobile app development company can help you make an impact with your nonprofit mission. Many low-code, no-code DIY development platforms can be used as prototypes to test ideas and gather feedback. If your app is simple and requires little customization, this option may be the right place for you to start. If you’re looking for an expert who can help you develop a nonprofit app in Denver and Boulder, Austin, or anywhere else, or if you have an app and you need to scale it, we’re here for you. Check out our IA Commits program for more information and to get in touch.
15 days ago