Staying Secure in the Mobile Application Ecosystem


The introduction of smartphones, tablets and all types of mobile devices has brought the Internet and all of its amazing interconnected services in the grasp of our palm. As a result we can find a wealth of mobile applications that allowing us to search, generate, edit, store information, as well as communicate and interact with other people.

Irrespective to what a mobile application does or the way a user decides to utilize it, there is always a common denominator. The user generates, shares and stores personal and private information in services created and controlled by third parties. Third parties which most of the time are a black box to the simple everyday user. This means that we are not aware of their legitimacy, technical aptitude and modus operandi.

Let’s take a closer look into the most prominent information captured today by mobile applications:

Email, Mobile Phone Number and User Credentials (Username and Password)

Most mobile applications ask users to provide email address or mobile phone number to be used for authentication and communication. Furthermore, most applications with a private section ask users to create a password, using the already submitted email as a username. We voluntarily divulge and share such information which are part of our digital and personal identity.

Social Profiles for Sign Up and Information Retrieval

Mobile applications also provide the option to connect using social profiles. By doing so, users and mobile applications rely on the social network for authentication, thus protecting the user credentials. However, users agree to share their social profile and allow access to information, ranging from birth date and current location to cultural preferences, educational/professional background, not to mention access to contacts and friends network.


A vast number of mobile applications today utilize some kind of geolocation identification. Users voluntarily record their location in order to “check in” to places and earn rewards. Fitness tracking applications know what time you go for a run or a bike ride and where your home is located. In other cases, users allow tracking of every movement in order to receive suggestions about places of interest (restaurants, sights, etc)

Messages, Photos and Videos

Mobile applications are used to exchange messages with friends. But also to capture, edit, store and share photos and videos of ourselves, our family and friends. This digital information is stored in databases over which we have limited to no control.

Most of the time we provide the above without second thoughts. However, it is important to keep in mind that the moment the data leave our mobile device we basically lose any control over them. We do not imply that all mobile applications and their creators have nefarious goals, but sometimes technical shortcomings or even bad luck can lead to exposure of personal and private information.

The question now is how can we, as everyday users, protect ourselves and mitigate the risks we are facing while divulging such information. Here are some simple suggestions:

  1. Create and use email addresses that do not directly identify with you, for example avoid using your real name as part of the email address. Also you should avoid using the same email address for online services that are critical to you, such as e-banking, and run of the mill mobile applications.
  2. Utilize different passwords for specific types of applications and services and not the same password for all. For example you can use a complex and difficult to remember password for services more important to you and some simpler ones reusable throughout several mobile applications.
  3. Create and use alternative mobile phone numbers through one of the available online services. These services are usually either free or relatively cheap and the generated phone number can place and receive calls, so you can forward it to your main phone number. Furthermore you can use the same number to send and receive SMS messages too.
  4. Filter the information you generate and think before you share. Avoid capturing and sharing photos and videos of family and friends that may cause problems to you and them. Also, a lot of the services with location tracking provide the ability to generate exclusion zones which they do not track: use it to protect your home or office location.
  5. Review and configure the sharing options on your social profile. Check which information mobile applications need to access and what will be posted on your behalf. A good idea is to limit the visibility of the information shared thus protecting yourself from anything being published without your approval.

The goal here is not to scare users, but to provide some insight on the agreement they are getting into when downloading and using a mobile application or any Internet service that handles personal information.

The most important thing is to be knowledgeable and selective of the information you are willing to share and give over control.


3 replies

  1. It is good to see ways to maintain your privacy and security with mobile apps. It is interesting that people are able to compromise that if they try hard enough. However, it is good to know there are systems in play that prevent this the vast majority of the time.

  2. My spouse and I absolutely love your blog and find many of your post’s to be what precisely I’m looking for. Would you offer guest writers to write content available for you? I wouldn’t mind composing a post or elaborating on a lot of the subjects you write concerning here. Again, awesome blog!

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )


Connecting to %s