Security for consumer apps
Consumer software can take any form: from most-downloadable social network apps to niche developer tools. B2C companies operate in a tight space: they need to understand customers' goals and needs; they are responsible for sensitive data; they need to respect GDPR, CCPA, COPPA, and prevent data leaks.
Consumer app security is a mix of protecting users data against prying eyes, and at the same time protecting the product against users actions.
Typical challenges for
consumer apps’ security
Lots of data
Minimum lovable product
Massive adoption invites malware
Security hinders growth
E2EE and Zero knowledge architectures
Strong product security
Tools and services we offer
A cross-platform cryptographic library for mobile, web, and server platforms, which solves 90% of typical data protection use cases that are common for most apps. Themis helps to integrate application level encryption fast and easy.Read more
Offers a transparent application level encryption which is easy-to-integrate to already existing infrastructures. Use AcraServer to encrypt database fields “on the fly”, use Acra’s Requests Firewall and Anomalies Detection to protect against suspicious queries.Read more
“Your data is always yours”
We design, implement and verify selective and end-to-end encryption layers for consumer apps. A key to long-time user retention is data recovery: users can lose their passwords or devices. Still, they should have a way to decrypt their data after successful authentication.
Specialized security controls
Verifiable audit logs, anonymous trackable IDs, data pseudonymisation, data firewalls, intrusion detection systems – our software has a modular structure, and we ship single modules too.
We build in security measures that work on every platform: hardware, mobile, web, server-side. They are scalable and easy to maintain, and support high load. We improve security without hurting app releases or breaking UX.
We assist your team in setting up and improving the SSDLC process for app development. We help prioritise security features, find appropriate automation tools, and always sync with the latest security guidelines and regulations.
Auditing and reviewing
We perform security audits and design reviews of existing implementations, how your apps protect sensitive data in storage and in transit, perform authentication, protect API, attest devices, and so on.
Have a question? Get a human to answer it!
How we make a difference
Experience in massive scale systems
Security customised for your use case
Product / UX security expertise
Combining compliance and practical security
Our mission is simple.
We help you focus on serving your customers better, while relieving your team from security engineering pains and making your users confident that their data is safe with you.
There are many ways we can help: with our products, bespoke solutions, and engineering services. Leave your contact information to connect with our team:
OpenSSL for iOS: tricks of OpenSSL semver
Hack the OpenSSL versioning problem when submitting your iOS app to the App Store.
React Native security: things to keep in mind
React Native security: what developers and team leads need to know. Handle risks and threats, prevent typical security mistakes, follow best engineering practices — learn from our experience.
Security of React Native libraries: the bad, the worse and the ugly
How to select a secure React Native library for your app. Sort out improper platform usage, easy to misuse API, deprecated and abandoned libraries – check our research of the React Native ecosystem security.