Consumer Demand for Better Mobile App Security and Intensified Regulatory Scrutiny Create Need for Increased Cyber Resilience

By Alan Bavosa, VP of Security Products at Appdome

The mobile app economy will continue to expand at an increasing pace, as evidenced by consistent data from Appdome’s consumer surveys, spanning over 75,000 consumers across 12 countries in 2021, 2022, and 2023, that reveal a migration to the mobile app channel to buy, save, share and support the brands they love. Mobile app traffic is now the dominant channel for brand interaction. As the mobile security space transforms from a niche, specialty market to a mature industry, regulatory and compliance scrutiny are also heightened. With scrutiny and compliance requirements intensifying in regions like LATAM, APAC, the US and the UK – the cybersecurity industry will witness a surge in emphasis, and demand, for mobile security and mobile-centric hiring practices in 2024.

Consumer expectations for mobile app security are growing and so is regulatory and compliance scrutiny. This means that mobile brands and developers must accept that the onus of protecting global consumers from cyber threats – be it hacking, data theft, fraud, or malware – falls squarely on their shoulders. More directly stated: users do not want to own security and are holding brands accountable for the protection of all personal data, and beyond.

In the U.S. alone, according to Appdome’s 2023 consumer survey, an eye-opening 73% of consumers confessed they would drop an app quickly if they sensed even the slightest weakness in security – and will abandon brands that don’t seem to care about their security or protect them.

Mobile consumers are becoming more and more cyber-savvy and expect app makers to build comprehensive security into mobile apps, moving the baseline from basic cyber protections to comprehensive mobile app defense. In fact, the survey found that consumers expect mobile brands to go one step further by preventing fraud instead of detecting and reimbursing them after it occurs. A staggering 82% of mobile consumers said they preferred mobile brands to stop mobile fraud before it started. Only 15% said they prefer to be reimbursed after it happens, and only a negligible amount (about 2%) said fraud protection is not important to them.

When asked who should bear the responsibility for mobile app protection, the majority of global consumers (56%) said they expect the mobile brand or developer of the app to protect them.

To meet the growing demands of consumers and regulatory entities alike, cybersecurity teams must start adopting developer best practices to ensure not only compliance but also cyber resilience. Cyber resilience in mobile apps is the ability to withstand and recover from security incidents or attacks in real time. For the longest time, the thought has been that mobile app developers should adopt cybersecurity best practices.

The release cycle for developing or updating mobile apps is very rapid – and short – with the entire workflow, including every tool used within, being automated. Traditional mobile app security tools, however, are the exact opposite of this as they rely on manual effort or impose cumbersome operations, and do not fit into the DevOps workflow – at all. This leads to security being ignored altogether, or the implementation of “bare minimum” security measures, which still requires a large time and effort commitment by the development team.

Tools, such as those provided by Appdome, that give developers a way to implement comprehensive security in a way that fits right into their existing, automated workflow, without any work on their part, are crucial for effectively implementing cybersecurity best practices in the development cycle.

Put simply, the only way that cybersecurity is going to have a true seat at the table is when the industry starts to adopt DevOps best practices. Cybersecurity would thus have an agile and rapid way to build their security model to protect against new threats and attacks that they were able to identify in production.

As before, data from Appdome’s 2023 consumer survey revealed that mobile applications dominate the consumer share of mind and wallet. Additionally, consumers now ‘feel the pain’ and have begun to take any lack of protection in the mobile apps they use personally. Going further, they openly place the responsibility for mobile app defense on the mobile brand and developer providing the app.   Mobile brands are advised to listen to consumers’ biggest fears like hacking, fraud, and malware, and respond to the high cyber and anti-fraud expectations consumers have in using mobile apps for life and work.

A company’s mobile cyber defense culture should always protect the customer first. What is encouraging is that the reward for developers for protecting Android and iOS apps and users is better than ever – an overwhelming 93.6% of global consumers confirm a willingness to promote mobile apps and brands to others if they felt like mobile apps were protecting them, their data, and use. All the more reason to make mobile app protection a top priority.

Photo by Towfiqu barbhuiya: