Many mobile web applications are susceptible to common attacks such as Cross-Site Scripting or SQL Injection. Mobile passwords are notoriously insecure. Don’t allow sharing of authentication information between sites, says author. Mobile devices are more easily lost or stolen than a computer, he says. The most successful and secure mobile applications are ones that don’t implement all of the functionality of the main application into the mobile version, said Clark. The application should use the device’s encryption functionality to protect data at rest.”]
Source: https://www.csoonline.com/article/2124933/there-s-an-insecure-app-for-that.html