Thursday, August 29, 2019

Android Google Play App Affects Millions With Malware

Did Google prevent another data scandal from happening?

The Russian mobile app FaceApp was recently under the scanner over allegations of data theft and whatnot. Google has now banned another mobile application: the Shanghai-based CamScanner, which has been on the Play Store since 2010.

At Google I/O 2018, Google unveiled its smart Lens functionality, following which a
top Android app development company integrated into CamScanner an Optical
Character Recognition feature capable of extracting text from business cards, cam
cards or even cam cards from Salesforce.


1. Probable Causes:
The primary revenue sources for CamScanner have been ads and in-app purchases. But
according to reports from the Russian antivirus firm Kaspersky, recent versions of the app
were found to contain a Trojan, designed to deliver malware to Android devices, embedded
within its new advertising library.

As per Kaspersky, the malware was designed to show intrusive ads and sign users up for paid
subscriptions. Such intrusive ads are highly dubious, and no consumer wants to pay for a
subscription he/she never signed up for.

These kinds of Trojan droppers are configured to connect to the attacker's server and
download additional code, which then executes on the Android device on which the app
is running.
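
The dropper behaviour described above leaves static traces a reviewer can look for before shipping a third-party ad SDK. This added example (not code from the original post or from Kaspersky) scans an APK for references to Android's runtime code-loading classes and, going slightly beyond the text, for DEX payloads stored outside `classes*.dex`; the sample archives and the `com/example/adlib` name are constructed.

```python
import io
import re
import zipfile

# Dalvik type descriptors of real Android classes that load code at runtime.
# A hit is a signal to review the library that references it, not proof of malice.
MARKERS = {
    b"Ldalvik/system/DexClassLoader;": "loads DEX/APK code from a file at runtime",
    b"Ldalvik/system/InMemoryDexClassLoader;": "loads DEX code from a memory buffer",
    b"Ldalvik/system/DexFile;": "opens DEX files directly",
}
DEX_MAGIC = b"dex\n"                       # first bytes of every DEX file
MAIN_DEX = re.compile(r"^classes\d*\.dex$")  # where an APK's own code normally lives


def audit_apk(apk_bytes):
    """Return a sorted list of (entry_name, finding) review signals for an APK."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for name in apk.namelist():
            data = apk.read(name)
            if MAIN_DEX.match(name):
                for marker, meaning in MARKERS.items():
                    if marker in data:
                        findings.append((name, f"{marker.decode()} ({meaning})"))
            elif data.startswith(DEX_MAGIC):
                findings.append((name, "DEX payload stored outside classes*.dex"))
    return sorted(findings)


def build_sample_apk(entries):
    """Constructed test input: a ZIP with APK-style entry names, not a real app."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as archive:
        for name, data in entries.items():
            archive.writestr(name, data)
    return buf.getvalue()


CLEAN = build_sample_apk({"classes.dex": b"dex\n035\x00Lcom/example/Main;"})
SUSPECT = build_sample_apk({
    "classes.dex": b"dex\n035\x00Lcom/example/Main;",
    # hypothetical ad library that references a dynamic class loader
    "classes2.dex": b"dex\n035\x00Lcom/example/adlib/Loader;Ldalvik/system/DexClassLoader;",
    "assets/cfg.bin": b"dex\n035\x00payload",  # code hidden among the assets
})

if __name__ == "__main__":
    for entry, finding in audit_apk(SUSPECT):
        print(f"{entry}: {finding}")
```

Legitimate apps also use these classes, so each hit should be traced back to the library that owns it and compared against what that library is documented to do.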


Google has made the application unavailable on the Google Play Store, but its iOS version
is still available on the Apple App Store.
This could be yet another case of developers accidentally using a malicious ad library,
something frequently found embedded in otherwise legitimate mobile applications.

BeiTa Plugin, one such ad library, recently started shipping in 234 Google Play apps and has
affected some 440 million users. Subsequently, other Chinese Android app developers
have also tried hiding the same library within some 60 apps, which again had to be removed
from the Google Play Store.

2. Prevention:
Following this incident, mobile app developers should note that advertising policies
need to be treated more strictly, and should assess every advertiser before falling prey
to any unscrupulous ones.

Following this incident, the Android app's developers have removed the malicious code in the
recent versions of the cam app.

3. Importance of User Reviews:

Since its inception, the app has been performing really well and has plenty of positive
reviews among the 1.8 million reviews it managed to score. However, a batch of negative
reviews brought the application to the attention of Kaspersky, and this clearly shows how
even the most reputed and longest-running applications can become the victim of such
a threat.

For the latest updates about Android app development services
or mobile application development services, you can reach us directly at
Brainmobi.com.

Thursday, August 22, 2019

5 features to integrate mobile app security in mobile app development


Mobile applications are a totally different domain in the world of software: their development and delivery differ from the cycles of normal software development. Mobile application security is one of the most crucial topics of concern, without which all of your other features remain vulnerable. As one of the best mobile application development companies, we have a set of security tips compiled by our most consistent mobile application developers and testers, which have always succeeded in securing any mobile application experience.



1. Mobile Data Encryption

When a mobile application accesses enterprise and other confidential data, unstructured information gets stored within the device storage. Mobile data encryption has proven effective at securing such data in a sandbox. This can be done by using SQLite database encryption modules or by offering file-level encryption across different platforms.

2. Support Integration With MAM/MDM

Mobile Application Management (MAM) and Mobile Device Management (MDM) solutions are widely adopted by organizations to minimize app- and device-related threats. MAM and MDM make it possible to maintain stores for regulated distribution, wrap employee apps within multiple security layers, and remotely wipe app and device data. App security remains of the highest order when inbuilt support is provided for various MDM/MAM vendors.

3. Source Code Encryption

According to recent reports that have come to our notice, malicious code infects more than 12 million devices right this minute. The most common way attackers do this is by repackaging popular applications into rogue applications and publishing them. Mobile malware is known to tap bugs and vulnerabilities within the design and source code of the mobile application. For these reasons, it is important for the source code to be encrypted. JavaScript, for instance, is simple to read, and minification can help make it more difficult to read and interpret, especially for any third-party intruder who is alien to the code. Hence encrypting will ensure that the source code is not accessed by anyone else.

4. Platform Specific Limitations

If your application is targeted at several devices and multiple platforms, the security features and limitations of each platform may vary, so the code needs to be written accordingly for each platform. You should also take into account the different use-case scenarios, encryption support, password support, and geo-location data support of each OS. After this, you will be able to appropriately control and distribute the app on the platform you have chosen.

5. Security For Data-In-Transit

Sensitive information sent from the client to the backend servers is prone to privacy leaks and data theft, and therefore needs to be equipped with proper protection methods. Employing methods like VPN and SSL tunnels gives developers a level of assurance that their data remains behind strict security measures, thereby protecting it from eavesdropping and theft.



As one of the top testing and quality assurance companies, we at BrainMobi pay close attention to the best security and testing mechanisms in the knowledge book. Our QA team and in-house testing strategies have helped our clients achieve the most resilient of mobile applications, which have thrived under various conditions of vulnerability. If you have an idea for a mobile application or web application and seek the same commitment to security as we have described, feel free to write to us at sales@brainmobi.com.