Posts

Showing posts from 2014

Web Service Security and Native Mobile App User Authentication

Image
In this article I am going to throw some light around web service security,  user Authentication  for native mobile applications and how both the topics are connected. Me along with my cool team members at Zycus were working on the same off lately. The idea is to highlight the fact that it is ideal to implement web service security by being agnostic to the type of web service clients (like mobile apps) but these decisions may impact the mobile app user authentication process. If you are working on a mobile application that requires user authentication and fetching data from a server side application then it is highly likely that you are exposing certain functionality of your server side application via web services that can be accessed over the web by your mobile application. While developing such applications you will usually encounter following challenges.  How to secure the web service endpoints?  How to authenticate users from the mobile app in secure way?  How to ensure t