
How to Safely Encrypt Sensitive Data in Your Mobile App

In November 2014, cybercriminals perpetrated one of the biggest cybercrimes of the decade. They hacked into Sony’s computer systems, stole sensitive data, paralyzed the company’s operations, and gradually leaked embarrassing information to the media. The hackers threatened to continue until Sony agreed to pull the controversial comedy The Interview from its theatrical release.

As the headlines will tell you, the encryption of sensitive data is one of the most important investments a company can make. Facebook is currently under fire for its data protection practices. The UK National Crime Agency called WannaCry a signal moment for awareness of cyberattacks and their real-world impact. With the stakes higher than ever, the encryption of sensitive data in apps has never been more important.

Here are our top tips on how to safely encrypt sensitive data in your mobile app.

Tip #1: Coding and Testing

Writing secure code is fundamental to creating a secure app. Obfuscating and minifying code so that it cannot be reverse engineered is critical to keeping a secure environment. Testing and fixing bugs when they are exposed should be an ongoing investment of resources, as it will pay off in the long run.

Tip #2: Scramble Data

Sometimes, the best method of encrypting data is scrambling. Software and web developers often become obsessed with storing every bit of data in databases and logs, assuming it may be useful later, but doing so can create a target for cybercriminals.

Cunning developers will only store a scrambled version of the data, making it unreadable to the outside eye, but still useful for those who know how to query it correctly.

For an in-depth dive into scrambling data, check out this awesome essay on how Amazon does it.
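One way to keep only a scrambled value that can still be queried, as an added example that is not from the original article: a keyed hash (HMAC-SHA-256) is stored in place of an email address, and lookups work by recomputing it. Reading "scrambling" as keyed hashing is an assumption, as are the store layout, the function names, and the sample addresses.

```python
import hashlib
import hmac
import secrets

# Assumption: in a real app the key comes from the platform keystore or a
# server-side secret manager, never from the database that holds the tokens.
INDEX_KEY = secrets.token_bytes(32)


def normalize(value: str) -> bytes:
    return value.strip().lower().encode("utf-8")


def scramble(value: str, key: bytes = INDEX_KEY) -> str:
    """Keyed one-way token (HMAC-SHA-256, hex) stored instead of the value."""
    return hmac.new(key, normalize(value), hashlib.sha256).hexdigest()


def plain_hash(value: str) -> str:
    """Unkeyed SHA-256, shown only for comparison with scramble()."""
    return hashlib.sha256(normalize(value)).hexdigest()


class ScrambledStore:
    """Hypothetical table keyed by scrambled email; no address is stored."""

    def __init__(self, key: bytes = INDEX_KEY):
        self._key = key
        self.rows = {}  # token -> non-sensitive attributes

    def add(self, email: str, plan: str) -> None:
        self.rows[scramble(email, self._key)] = {"plan": plan}

    def lookup(self, email: str):
        # The key holder queries by recomputing the token for the input.
        return self.rows.get(scramble(email, self._key))


def guessable(tokens, candidates, hasher) -> set:
    """Candidates whose hash appears in tokens, i.e. values a reader of the
    table could confirm without any secret."""
    return {c for c in candidates if hasher(c) in tokens}


def demo() -> ScrambledStore:
    store = ScrambledStore()
    store.add("Alice@Example.com", "pro")   # constructed sample data
    store.add("bob@example.com", "free")
    return store
```

An unkeyed hash of a low-entropy value such as an email address can be confirmed by anyone holding a guess list, which is why the stored token is keyed.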

Tip #3: In Transit Vs. At Rest Encryption

There are two types of data to be encrypted: in transit data and at rest data. In transit data is moving data, be it in transit via email, in apps, or through browsers and other web connections. At rest data is stored in databases, the cloud, computer hard drives, or mobile devices. In transit data can be protected through the implementation of robust network security controls and firewalls. At rest data can be protected through systematically categorizing and classifying data with data protection measures in mind.

Tip #4: Secret Vs. Public Key Algorithms

Secret-key algorithms use the same key for encryption and decryption. Public-key algorithms use two different keys, one for encryption and the other for decryption: the public key encrypts the data for sending and the private key decrypts it. Public-key algorithms are more secure, but require more computer processing power.

Tip #5: Blockchain Cryptography

We’ve covered the Blockchain in our past article on The Revolutionary Mechanics of the Blockchain. Blockchain cryptography has been on the rise because blockchain databases are distributed and thus more resilient in the face of a DoS attack.

Tip #6: Apps that Clean Up after Themselves

Apps that collect sensitive information don’t necessarily need to store it. It is wise to delete sensitive data from mobile apps when the data is no longer in active use.

Tip #7: Choose the Right Algorithm

There are several popular existing algorithms that can be used to encrypt sensitive data in mobile apps. Check out UpWork’s awesome rundown:

  1. Advanced Encryption Standard (AES)
  2. RSA
  3. IDEA
  4. Signal
  5. Blowfish and Twofish
  6. Ring Learning With Errors or Ring-LWE

Over the last 10 years, enterprise-wide use of encryption has jumped by 22 percent according to the Ponemon Institute. When building a mobile app, investing in encrypting sensitive data will pay off in the long run and haunt those that short-change it.

Swift Execution: Apple’s New Programming Language Shakes Up Tech Community

In July 2010, Chris Lattner, at the time a Senior Manager and Architect for Apple, began working on a brand new programming language. He developed it at night and on weekends and told no one, not even his closest friends and colleagues. After a year and a half, he had outlined the basics of the new language and proceeded to reveal his creation to the top executives at Apple. Initially impressed, they gave him a few seasoned engineers to help on the project. After 18 months, it became a “major focus” for the company with a huge team of developers working with Lattner. Little did Lattner know in July 2010, he had begun a project which would potentially change the world of app development.

Swift is Lattner’s creation: a new programming language developed and marketed by Apple designed specifically for iOS and OS X development. Companies have created programming languages before, such as Go, a language created by legendary designers Ken Thompson and Rob Pike for Google, but Swift is a different beast. Wired says “[Swift] could achieve mass adoption with unprecedented speed.”

What exactly makes Swift so groundbreaking? For one, it’s designed specifically for iOS. App developers are constantly designing apps for Apple products, be it iPhones, iPads or MacBooks. Apple is at the forefront of the tech revolution and every year pushes the industry forward into the future. Swift offers a language which caters directly to iOS and OS X development. It will soon become the premier language on which to develop iOS and OS X apps.

Swift is also more approachable than previous counterparts. “It’s more of a helpful language. It understands what you’re doing a little bit better and allows the computer to help you figure it out a bit better,” says Mike Ash, a programmer for Plausible Labs, in Wired. Swift hopes to appeal to the average programmer and make the process of coding not only easier, but more interactive.

One of the most innovative and exciting features in Swift is Playground. Playground allows developers to code on one side of their computer screen, while watching the results appear on the other side. It makes coding not only more fun, but more interactive. At the Apple Worldwide Developers Conference, Lattner demonstrated the feature by making real-time changes to an animated circus game while the crowd watched.

Check out the video of Lattner’s demonstration via YouTube. (Note: the video opens with Apple’s initial introduction of Swift featuring a bunch of great, specific info for iOS developers. Lattner’s presentation begins at 3:30).

Playground was designed with the hopes that “By making programming more approachable and fun, we’ll appeal to the next generation of programmers and to help redefine how Computer Science is taught,” says Lattner on his homepage. Objective-C forced developers to wait for their project to compile and run before allowing them to test any code changes, a time-consuming process. The instant feedback of Playgrounds makes the process of coding less daunting and more fun for neophytes.

Swift aims to replace Objective-C, which is the most prominent coding language (and will remain so until Swift [presumably] seizes the crown). Swift doesn’t aim to replace Objective-C off the bat. As mentioned in the Apple Developers Conference, Swift can work concurrently with Objective-C to fit into an app originally developed using Objective-C. However, the hope is that when Swift gains popularity, Objective-C will become obsolete for iOS developers.

Objective-C and Swift are different in a number of ways. As we’ve discussed, Swift is more accessible to new developers. The abbreviated syntax makes for easier and more intuitive coding, at the expense of being less verbose (easy to read) than Objective-C. Switching over to Swift, experienced developers will have a bit of an adjustment period before they can read it with ease, but it’s a minor set-back considering Swift’s potential impact on the developer community.

For more on the differences between Objective-C and Swift, check out this awesome run-down via fastcolabs.com.

While only time will tell what Swift’s ultimate legacy in the developer world will be, the immediate impact is undeniable. Swift has already been thrust into computer science curriculums across the country. The interactivity in the app development process created by Playgrounds makes coding more accessible and will surely draw a lot more people into app development. The big question is whether Swift will convince non-Apple developers to migrate.

For more first-party information on Swift, check out Apple’s Swift Developer Guide. Also, stay informed on the latest updates by checking Apple’s Swift Blog.
