Mobile Application Security

Security is a very important feature to be taken into consideration while developing a mobile app. Given below are a few pointers to keep in mind while developing a mobile app.

Since a Cordova application is built from HTML and JavaScript assets that get packaged in a native container, you should not consider your code to be secure.

Always validate all user inputs. All the validations should be done on server side before passing the data to backend services. Because an attacker could manipulate your HTML and JS assets.

Never cache sensitive information as it could potentially be retrieved later by an unauthorized user or application.

Use the InAppBrowser when opening links to any outside website. This is much safer than whitelisting a domain name and including the content directly in your application because the InAppBrowser will use the native browser's security features and will not give the website access to your Cordova environment.