As the public expects government services to be simple compared to what the private sector offers, many states institutions worldwide embrace the use of digital technology to ease their service delivery. Digital government services can be illustrated as providing amenities within the parastatal and between the public and government by employing the use of modern information and communication technology (Carte et al., 2016). With the increase in technological advancement, mobile devices have been used to deliver government aid. Before the current digital era, government assistance was offered physically where a client had to visit the physical offices and to seek solutions. However, mobile platforms’ emergence has created an opportunity to access government services in their comfort zones. The help ranges from applying for jobs to filing taxes. Currently, most administrative institutions are using e-government because it integrates all services and one application.
Mobile applications are the software designed and incorporated into mobile device to help in accessing digital services. Some apps can be simple and user friendly while others can be complicated, and mostly, they can require security logins, for instance, national identification numbers or passwords (OECD, 2016). Mobile devices that accept the apps include smartphones, and any other hybrid device that uses broadband and cellular. The apps help in communication; thus, they direct the user on the steps to follow to access the services.
In the 21st century, the world has been modernized by technology, enabling people to be more connected than before. Additionally, trade has been eased since entrepreneurs can access the global market with comfort. Technological advancements have ensured that business increases their profits because it aids real-time information delivery; therefore, it enables companies to get immediate feedback from their customers (Carter et al., 2016). Moreover, productivity in employees is enhanced because of the improved functionality. Despite the benefits associated with digital services, there are several risks posed to the public, especially security issues. As the traditional modes of communication, the applications are vulnerable to both internal and external attacks. In most cases, public and other organizations usually complain of unauthorized people obtaining private information without their consent.
The main risks associated with the mobile applications include:
- Insecure communication- In a typical mobile app, information is mainly exchanged in a client-server fashion. This, therefore, implies that during the data transmission via the application, the information navigates the internet and the carrier network of the mobile devices. As a result, attackers can seize the opportunity of the software vulnerabilities and access the user data in the network. Therefore, it can present insecure communication, creating malware in mobile devices.
- Lack of input validation – Input validation enables a company to assess its software; hence, it can prevent the app’s malfunction. Lack of validation imposes harmful codes into the system that can instigate malfunction in the mobile app (Sharma et al., 2018). As a result, attackers can introduce malicious data into the app, thus, breaching data stores. In a real sense, input validation should be conducted immediately after the data is obtained from an externally located source. Although input validation can prevent malicious data if conducted efficiently, it rarely defends the mobile app against security risks.
- Insecure data storage – This usually occurs in different locations within the mobile app, and they include cookies, SQL databases, binary data stores, among others. Insecure data storage can be vulnerable and easily compromised without issues such as a framework and jailbroken devices (OECD, 2016). Attackers can maneuver their acts across the mobile app’s security protocols when encryption libraries are poorly performed, making it easy for the criminals to bypass by using jailbreaking or rooting the mobile devices (Sharma et al., 2018). Any access to the app will allow the attackers to manipulate the original app, enabling them to extract crucial information from the system. Therefore, intellectual property loss and identity theft can be experienced.
- Client code security – issues of code security are usually experienced in mobile applications. They are generally difficult to detect and can take a considerable amount of time to handle. Automated tools are usually used to detect client code security problems, and they are never sufficient; thus, it requires the deployment of a manual system where automation fails.
- Reverse engineering – Attackers can usually read the codes of mobile applications using reverse engineering. They determine how the app operates on the back end; thus, they can backtrack the processes used to make the application, modify the source codes, and expose the algorithm’s encryption used. In other words, the code used to develop an app can be used against the developer, thus, posing severe surety risks.
To curb the security risks, several government agencies have been tasked to propose mitigation measures to improve US citizens’ quality of services. Therefore, the agencies decided to collaborate with other entities to provide Mobile Security Reference Architecture popularly known as MSRA (“Mobile Security R&D Program Guide,” 2019). The program has helped both the government and the private institutions to handle security issues poised by mobile applications, therefore, protecting the citizens.
References
Carter, L., Weerakkody, V., Phillips, B., & Dwivedi, Y. K. (2016). Citizen adoption of e-government services: Exploring citizen perceptions of online services in the United States and the United Kingdom.Information Systems Management, 33(2), 124-140. Web.
Mobile Security R&D Program Guide. (2019). Homeland Security. Web.
OECD. (2016). Digital Government Strategies for Transforming. Public Services in the Welfare Areas. Web.
Sharma, S. K., Al-Badi, A., Rana, N. P., & Al-Azizi, L. (2018). Mobile applications in government services (mG-App) from user’s perspectives: A predictive modelling approach. Government Information Quarterly, 35(4), 557-568.