iPhone app security

Discussion in 'iOS Programming' started by joeptp, May 13, 2014.

  1. joeptp macrumors member

    May 13, 2014
    Hi everyone,

    I am new here and hope that I am posting in the appropriate forum for my question.

    I have a team developing a website and iPhone/Android app to work with the website as well.

    So the website stores user information and the apps can access this information and the user can add/edit the information as well from the app instead of using the website. Similar to Facebook.

    So from what I know the app communicates to a web service to exchange this data. What are recommended methods to secure this data from being compromised and does this communication leave a door open for hackers to hack the database on the server?

    I am sorry if I sound completely noob on this topic, but I don't have much knowledge about apps. I have knowledge about websites, and that part I have all security measurements ensured, but now I am worried that the app will leave some vulnerabilities up and want to cover all corners.

    I appreciate any help and thank you for taking the time to help me.
  2. 1458279 Suspended


    May 1, 2010
    You asked if the data on the server can be hacked or if the ability of using an app to access that server data leaves the data open for a hack.

    I can only answer part of this by saying: As I understand it, everyone encrypts the data on the server. Meaning that NOTHING you want to keep secure would ever be in a usable form.

    If you are thinking of storing data in raw/natural form, don't. If you think a password should open the door to raw data, don't do it.

    In other words, the data being stored or transmitted to the device should be in encrypted form.

    I'm sure others know more than me on this subject but understand that some of the biggest companies with teams of professional developers have been hacked.
  3. joeptp thread starter macrumors member

    May 13, 2014

    Thanks for your reply.

    The data will be fully encrypted in the database via PBKDF2 and the website will use SSL.

    Just wanted to make sure I am covering all corners, I understand that preventing hacking is impossible.

    I am new to the app business and hope to learn how to program them soon, but right now I am having another company make the app for me. So I understand website security, but not app security. Any advice is greatly appreciated.

Share This Page