The reviewed record of science sign in
Pith

arxiv: 2408.09032 · v1 · pith:4OPBLXB7 · submitted 2024-08-16 · cs.CR · cs.SE

A Developer-Centric Study Exploring Mobile Application Security Practices and Challenges

Reviewed by Pithpith:4OPBLXB7open to challenge →

classification cs.CR cs.SE
keywords securitymobilepracticesappsdeveloperschallengesdeveloper-centricface
0
0 comments X
read the original abstract

Mobile applications (apps) have become an essential part of everyday life, offering convenient access to services such as banking, healthcare, and shopping. With these apps handling sensitive personal and financial data, ensuring their security is paramount. While previous research has explored mobile app developer practices, there is limited knowledge about the common practices and challenges that developers face in securing their apps. Our study addresses this need through a global survey of 137 experienced mobile app developers, providing a developer-centric view of mobile app security. Our findings show that developers place high importance on security, frequently implementing features such as authentication and secure storage. They face challenges with managing vulnerabilities, permissions, and privacy concerns, and often rely on resources like Stack Overflow for help. Many developers find that existing learning materials do not adequately prepare them to build secure apps and provide recommendations, such as following best practices and integrating security at the beginning of the development process. We envision our findings leading to improved security practices, better-designed tools and resources, and more effective training programs.

This paper has not been read by Pith yet.

discussion (0)

Sign in with ORCID, Apple, or X to comment. Anyone can read and Pith papers without signing in.

Forward citations

Cited by 1 Pith paper

Reviewed papers in the Pith corpus that reference this work. Sorted by Pith novelty score.

  1. Challenges in Android Data Disclosure: An Empirical Study

    cs.SE 2026-01 unverdicted novelty 6.0

    Survey and forum analysis of 683 Android developers finds they manually classify app data for Google's Data Safety Section or skip it, feel confident spotting collected data but not in translating it to the form, and ...