We promote learning and collaboration within the technological and scientific community

When we choose libraries for building a mobile application, we usually think about their functionality and performance; “Does it do the right job?” “Will it slow my application down?” But we should also think about security; “Will it make my application vulnerable?” Any application, web or mobile, is built with certain principles of security. Implementing these principles varies slightly for mobile applications due to the threat model being different from that of a web application. It varies further for hybrid mobile applications. In this talk, we will understand these differences and examine the impact external libraries could have on the overall security posture of a mobile application. By using React Native and Flutter frameworks as examples, we will learn 1) how to choose libraries when building a mobile application, 2) how to implement their APIs securely and 3) how to leverage other controls to minimize risks. This talk is inclusive of all skill levels and designed for students, researchers, developers, and security professionals interested in secure mobile application development.