2009/4/16 Erik Wingren <[email protected]>:
>
> 1. What is your thinking/point-of-view on application-level security
> requirements for a mobile app, where one of its' features is to store
> personal, potentially sensitive data, when the app runs on a mobile device
> that already has built-in security layers at the OS-level?
It depends. If your market consists of enterprise customers who are
using devices managed by their IT department, then you can feel
reasonably safe that the device security will be handled.
I actually don't know of very many other folks who are using any sort
of password protection on their phone. Savvy users are STARTING to
clue in to the problem. Starting. Gmail app recommends that you enable
password protection of the phone. Password protection is off by
default.
The next level of thinking is whether the sensitive data requires a
network connection to see, and just how sensitive the data is.
Consider viewing the current status of my stock portfolio. This
clearly is sensitive data, but how sensitive? Most people, if they
lose their phone, will both deactivate their previous device and
acquire a replacement. They don't want to pay for purchases and use
somebody else is going to make with their phone.
So, a stock portfolio status has a 24 hour period in which a thief (or
lucky person) might possibly look at the data. This is a pretty small
risk.
Allowing changes to a portfolio: VERY large risk. Require password. Period.
Also consider pre-paid customers, who are adopting web and apps as
well. (Pre-paid is more popular amongst Hispanic communities, and
mobile data adoption is higher amongst Hispanics). That same phone, on
a pre-paid plan, when lost will not likely recovered. It might not be
deactivated ("oh, it just has $5 left on it; I won't bother.")
So the security hole is a bit larger for this group.
I think the best solution is to somehow detect type of plan and
whether the device's password is on. We can't do that if we are
working on downloaded apps or web sites.
Instead, consider having an application password, on by default, with
advanced users having the ability to explicitly turn it off.
I also admire the two-level system adopted by many bank sites and at
least the 1Password application. You enter the service using a first
password (perhaps with the option of turning it off), and you can get
to a lower-sensitivity level of data. Much of the time this is all you
need. Sometimes you want access to more detailed, sensitive, or risky
data. In those cases, the user must enter a second password or PIN.
>
> 2. Does anyone have evidence to share, formal or anecdotal, on the percentage
> of iPhone/mobile users that complete registration (asking for
> email-as-username and password) when this is required on initial use?
>
For which application? What type of application? From what you
suggest, the app wouldn't work otherwise.
I do know that (for at least some large set of iPhone apps) 75% of
downloads aren't opened after day 1. See slides 12-14 here:
http://www.slideshare.net/pinchmedia/iphone-appstore-secrets-pinch-media
(same link: http://tinyurl.com/ahhcvl )
So there are already major issues. I'd consider carefully doing
anything to push those statistics even further down.
Try it out for your own app, with analytics from somebody like Flurry
or Pinch Media.
> 3. Same as above, but to what degree repeat usage starts trailing if login is
> required on subsequent uses?
I've not seen stats like that. But go look at those three slides. They
are sobering. Are you making money off of those subsequent views?
~~~~
Barbara Ballard
Skype: barbara_ballard
Twitter, Delicious: barbaraballard
email: [email protected]
1.785.838.3003
________________________________________________________________
Welcome to the Interaction Design Association (IxDA)!
To post to this list ....... [email protected]
Unsubscribe ................ http://www.ixda.org/unsubscribe
List Guidelines ............ http://www.ixda.org/guidelines
List Help .................. http://www.ixda.org/help
