Top Mobile App Security Trends for 2021 and Beyond
15:46 - 23/02/2021
Mobile device usage has been growing rapidly, with smartphone users already reaching 3 billion worldwide and expected to exceed 3.8 billion by 2021. As mobile continues to become the primary platform consumers use in their everyday lives
1. The Golden Age of Endpoint Security
In the near future, we believe hardware-based cryptography will be more readily available, creating a new era of endpoint security for all mobile apps. Moore’s Law—the consistent improvement in hardware capabilities while costs continue to decrease—means that it’s inevitable that efficient hardware-based cryptography elements will reach all mobile devices eventually.
In fact, the Apple ecosystem already has some hardware-based cryptography elements like Secure Enclave. This is a security coprocessor that’s built into every Apple device to secure sensitive data, so app developers can store encrypted keys and other information. Apple also has complete control over the hardware within its ecosystem, which has enabled the company to more easily roll out new security features and get them adopted by mobile app developers.
Google, on the other hand, has been playing catch-up with its Android ecosystem. It has been more challenging for Android to introduce hardware-based cryptography because the platform runs on a broad range of devices and hardware built by numerous manufacturers. That’s why hardware security approaches like ARM’s TrustZone have failed to get widespread adoption by app developers.
Once it becomes cheap for all devices to include hardware-based cryptography features, and the operating systems give app developers convenient APIs to use them, the endpoint security gap will close. This new level of security, therefore, will greatly improve consumer trust for all mobile users, whether they have Apple or Android devices.
2. IoT Devices Shift to Mobile Operating Systems
The Internet of Things (IoT)—a network of interconnected sensors, cameras, or other devices—is highly sensitive to Bill of Material (BOM) costs and energy consumption. That’s why most IoT devices use an embedded real-time operating system (RTOS), which is often a stripped-down version of Linux built by the manufacturer, to maximize its efficiency.
There will come a point, however, when IoT hardware has more processing power at a much lower cost, and a proprietary RTOS will no longer be necessary. That means security and interoperability may take precedence, and manufacturers could run Android, or even iOS, on their IoT devices. Mobile OSes can offer improved IoT software security, while also integrating better with consumers’ other mobile-centric experiences.
IoT mobile OS adoption is already largely underway, with Google releasing a stripped-down version of its operating system called Android Things and Apple launching its IoT ecosystem HomeKit. These solutions are driving mobile and IoT developers to build software that leverages and supports all Internet-enabled devices for a more cohesive consumer experience.