How Big Is The Gap Between Users And Developers On Application Security?

By Ally Kutz, contributing writer

Bluebox Security surveyed more than 400 consumers and 300 developers and found that there is an immense gap between consumer expectations and developer investment in mobile application security. In general, the survey found users trust mobile apps they utilize on a regular basis, but developers admit these apps are not often secure.

When asked their level of confidence in their apps, 13 percent of consumers reported being very confident that their apps were safe from hackers and had been tested against security issues and vulnerabilities, while another 56 percent felt somewhat confident in their apps. At the same time, 79 percent of developers believe that mobile applications and other mobile technologies have become targets, with 74 percent of developers believing that most enterprise mobile apps are, at the very least, moderately vulnerable to any security flaws, and 24 percent felt that apps were highly vulnerable.

In many cases, a general cry for demand is leaving developers to rush their work, with 53 percent admitting they have taken shortcuts or put in temporary solutions in order to get their app out on the market faster. Of those surveyed, 96 percent of developers use third-party frameworks for their apps, which may pose a risk.

The survey also revealed 80 percent of consumers would no longer be a customer if a security breach resulted from the mobile app design.

Although security is a top concern, consumers seem to want security to be invisible. Of those surveyed, 37 percent said they would not download an app if it asked for information such as their phone number, email, or similar items, while 21 percent would not download an app if there were too many permissions while signing up, such as location services and information. Another 18 percent would not download if they did not know the developer or company.