I have recently written how anyone using app creating tools based on WebViews or using WebViews in their app needs to be aware of security vulnerabilities. Taking this further, there has been a recent presentation at BlackHat Asia 15 on ‘The nightmare behind the cross platform mobile apps dream‘.
The problem with cross platform is that it provides a uniform environment that offers up a large number of apps that can be hacked in the same way and, as it turns out, can also be more easily hacked. The presentation gives some sobering problems with Cordova, Adobe AIR and Titanium. For example, Adobe AIR’s EncryptedStorage API doesn’t do much and only stores data as Base64 encoded. Titanium’s default https is broken, doesn’t validate the SSL certificate and hence is vulnerable to Man in the Middle (MiTM) attacks.
If you are using cross platform tools then you are passing some responsibility for security to the framework. I am beginning to think platform tools are actually less suitable for Enterprise because that’s where there are usually increased security concerns.
Vision Mobile has a new Developer Economics Q1 2014 report based on a survey of 7,000 app developers in 127 countries. As might be expected, iOS and Android are very dominant and iOS remains as top revenue earner. However, if you want apps to provide revenue, read on.
The ecosystem was worth $68 billion in 2013 and is projected to grow to $143 billion in 2016. This seems like a huge incentive for companies to take up mobile if they haven’t done so already. However, where’s the money? We are told…
"60% of developers are below the “app poverty line”, i.e. earn less than $500 per app per month"
How can this be? How can such a large, tens of billions, market result in such a low income per app? The report provides some extra insights on the revenue distribution across and within platforms…
Even on iOS, a few apps (mainly games I guess) represent the majority of the income. So why do developers continue to develop apps when they aren’t likely to make any money? The report provides some insights on developer motivations…
It can be seen that Hobbyists, Explorers, Product Extenders, Enterprise and, to some extent, Guns for Hire and Digital Media Publishers don’t really care about the ability to generate revenue.
What does this mean for entrepreneurs in the mobile space? Well, if you are thinking of making money from apps (‘Hunters’ as Vision mobile calls them) then you are probably wasting your time unless you think you can be part of the small slice of the market (games?) that makes the majority of the money. Instead you probably need to change your business model to become one of the other categories of developer.
Vision Mobile has results of a new developer survey
including 6,000 respondents from 115 countries. The free report (registration required) also includes information on OS platform market shares and related insights.
"There are no profits to be made in handset production itself. In other words, hardware is dead. Instead, value has migrated to upwards in the technology stack (to services) and downwards (to handset components)."
This situation means that it’s very difficult, if not impossible, for OS newcommers to compete…
"Even Microsoft with an estimated over 5 billion dollars invested in Windows Phone has managed to secure a tiny 3% smartphones sales share in 2.5 years since the platform launched."
The developer survey is full of interesting insights and deeper numbers on the use of HTML in mobile development, developer mindshare and intentshare by mobile OS. There’s also analysis on platform choice vs what developers are trying to achive. There are also numbers on tablet development, revenue models and average revenue per month.
When I read reports such as this I often start wondering what constitutes a ‘developer’. For example, I am an ‘implementing’ developer but my clients might also consider themselves developers. While I don’t do development for intermediaries any more, there are also some types of client who themselves have clients, for example brands, who might also consider themselves as doing mobile development. Similarly, those people working inside companies have managers and end clients who might be seen as developing for mobile.
Vision mobile have sliced developers a different way and have split them into categories based on what they are trying to achieve…
- Guns for hire
- Product extenders
- Gold seekers
- Digital content publishers
The report considers the repercussions of their respective motivations.