Mobile Zone is brought to you in partnership with:

Matt has been paid to develop software for the past 12 years. He specializes in mobile and web development and has recently been doing a lot with Windows Phone 7. He runs DevEvening (http://devevening.co.uk/) a .net focused user group in Surrey and the Windows Phone User Group (http://wpug.net/) in London. He blogs at http://blog.mrlacey.co.uk/ and tweets at @mrlacey & @wpug. Matt is a DZone MVB and is not an employee of DZone and has posted 102 posts at DZone. You can read more from them at their website. View Full User Profile

Security and Access to SMS

01.06.2013
| 2984 views |
  • submit to reddit

 Lots of Windows Phone developers want access to SMS*. It's an interesting data source and can allow the creation of lots of useful, helpful and interesting apps. There are security implications of allowing such access though and, unfortunately, most developers seem happy to ignore this or not take it seriously.

Today I heard about a scam that was only possible due to SMS access and "stole an estimated 36+ million Euros from more than 30,000 bank customers from multiple banks" (emphasis mine).


You can read more about the Eurograbber attack here but I think the important takeaway for developers is to focus on security and not easily dismiss or criticise platform limitations and restrictions that are there to protect the person who's phone it is.


And for everyone entering passwords or security information on a website. Always type in the domain for a website directly. Avoid following links, especially if it's a shortened or redirect link.


* If you don't know, Windows Phone does not allow developers of third party apps to access a phone's SMS history as part of it's strategy for protecting data security.

Published at DZone with permission of Matt Lacey, author and DZone MVB. (source)

(Note: Opinions expressed in this article and its replies are the opinions of their respective authors and not those of DZone, Inc.)