30 May 2014, 12:49
Generic-user-small

Abigail Scott (1 post)

Hi everyone,

I have a question regarding the Phone/Android/Windows app to work with the website as well.

So the website stores user information and the apps can access this information and the user can add/edit the information as well from the app instead of using the website. Similar to Facebook.

So from what I know the app communicates to a web service to exchange this data. What are recommended methods to secure this data from being compromised and does this communication leave a door open for hackers to hack the database on the server?

I am sorry if I sound completely noob on this topic, but I don’t have much knowledge about apps. I only have knowledge on website, and that part I have all security measurements ensured, but now I am worried that the app will leave some vulnerabilities up and want to cover all corners.

I appreciate any help and thank you for taking the time to help me. Thanks!

30 May 2014, 12:55
Generic-user-small

James Dane (2 posts)

I actually loved you question.. am not sure it goes well or not but If you are worried about hacking databases, node goals etc I would focus on securing the backend code and worry less about the frontend. The http calls that come from the app are similar to any AJAX or http requests a website would make to display content. You should use https (SSL) when transmitting identifiable information and make sure you do not have any calls that the user can fiddle directly with your database from a URL.

What do you say?

Reference: http://www.agileinfoways.com/technical-expertise/mobile-applications-development/

  You must be logged in to comment