Building Secure Windows Phone 8 Apps – The Platform

Security on the Brain

Security is something we all know is important, but is it something that we always do? Most likely, not always. That’s partially because security is complex and takes time to implement. Many of you, these days, don’t have that time (it’s all about shortest time-to-market, right?) to think about security. You make sure that minimal security checks and balances are there, but that’s about it. Totally understand.

But security doesn’t have to be complex to implement once you know what you have already available to you in the frameworks and products that you use every day. Over the course of the next few weeks, check back often as we’ll be demystifying different aspects of application security, simple things you can do to protect your applications, how to use the tools and frameworks you’re already using as your lines of defense against hacking, and more.

Feel free to start or join discussions in the Canadian Developer Connection LinkedIn group to give and receive thoughts and feedback on these or any other topics from fellow Canadian developers and experts.

It would not be right of us to talk about how to build secure Windows Store apps and not do the same for Windows Phone apps. In this first of two guest posts, Mark Arteaga explores the security features that are built right into the Windows Phone platform.

Guest post by Mark Arteaga, Microsoft MVP


Building Secure Windows Phone 8 Apps (Part 1 of 2) – The Platform

Application security for developers is a very large topic, but Windows Phone makes adding security to an app easier for developers and also helps keep an end user's data safe. With an article recently published on Building Secure Windows Store Apps, pretty much all of those concepts can be used on Windows Phone 8. I thought it fitting to describe some of the security features available on Windows Phone that developers get for free and what is available to use within their apps.

Trusted Boot & Code Signing

Windows Phone 8 is based on the ARM version of Windows 8, so a lot of the security features available on the desktop, such as Trusted Boot and Code Signing, come for free on the phone. What are these for? Basically, these features help protect the phone boot process and operating system from malware attacks (e.g., rootkits) by making sure only validated software components execute. The Trusted Boot technology validates Windows Phone firmware images, and all boot components have digital signatures that are cryptographically validated. This helps ensure that only authorized code can execute to initialize the device and load the operating system, Windows Phone.

This helps protect the integrity of the phone and also the end user from potential malware.

App Platform Security

Although the Windows Phone platform is pretty well protected with Trusted Boot and Code Signing, there is still the opportunity for other forms of malware to make their way onto the end user's phone and potentially disclose or capture the user's data or even corporate data. There are a few things Microsoft does to prevent this which developers should be aware of.

  • Chambers - Introduced with the Windows Phone 7 security model, you can think of a chamber as your app running within its own sandbox or silo, without any access to other apps' chambers. Every app, including Microsoft apps, OEM apps and third-party apps, runs in its own chamber and has to declare its capabilities.
  • Capabilities - A chamber will disclose what operating system capabilities an app is required to use to function. A capability can be accessing user location using GPS, camera access, sensor access, and microphone access as well as others.

The following is a list of things developers should know when developing for Windows Phone:

  • If an app attempts to use an operating system capability without declaring it, an exception will be thrown at runtime.
  • If you are building multiple apps, you won’t be able to communicate between the applications or share data between the apps unless you use the cloud.
  • If you are building multiple apps and you want to get a device ID using Windows.Phone.System.Analytics.HostInformation.PublisherHostId, this will return a different value in each app.
  • If you are building web apps, Internet Explorer also runs in its own chamber preventing web apps from accessing other app resources or operating system features.
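The capability rules above can be checked before an app ever runs. The following is an added example, not code from the original post or from Microsoft's tooling: it compares the capabilities declared in a `WMAppManifest.xml` with the capabilities implied by API names found in source text. The API-to-capability mapping is a small illustrative subset, and the manifest and source snippet are constructed samples.

```python
import re
import xml.etree.ElementTree as ET

# Partial mapping of API names to the capability each requires.
# Assumption: an illustrative subset, not a complete list.
API_CAPABILITY = {
    "Geolocator": "ID_CAP_LOCATION",
    "PhotoCaptureDevice": "ID_CAP_ISV_CAMERA",
    "Accelerometer": "ID_CAP_SENSORS",
    "Microphone": "ID_CAP_MICROPHONE",
    "PublisherHostId": "ID_CAP_IDENTITY_DEVICE",
}

# Constructed, trimmed sample manifest (a real one carries more elements).
SAMPLE_MANIFEST = """<Deployment
    xmlns="http://schemas.microsoft.com/windowsphone/2012/deployment"
    AppPlatformVersion="8.0">
  <App Title="SampleApp">
    <Capabilities>
      <Capability Name="ID_CAP_NETWORKING" />
      <Capability Name="ID_CAP_LOCATION" />
      <Capability Name="ID_CAP_MICROPHONE" />
    </Capabilities>
  </App>
</Deployment>"""

# Constructed sample of C# source text from the app.
SAMPLE_SOURCE = ("var locator = new Geolocator();\n"
                 "var id = HostInformation.PublisherHostId;\n")

def declared_capabilities(manifest_xml):
    """Return the set of capability names declared in the manifest."""
    root = ET.fromstring(manifest_xml)
    return {el.get("Name") for el in root.iter()
            if el.tag.rsplit("}", 1)[-1] == "Capability"}

def required_capabilities(source):
    """Return capabilities implied by the mapped API names in the source."""
    return {cap for api, cap in API_CAPABILITY.items()
            if re.search(r"\b%s\b" % re.escape(api), source)}

def audit(manifest_xml, source):
    """Report missing capabilities (runtime exception) and unused ones."""
    declared = declared_capabilities(manifest_xml)
    required = required_capabilities(source)
    known = set(API_CAPABILITY.values())  # only judge what the map covers
    return {"missing": sorted(required - declared),
            "unused": sorted((declared & known) - required)}

if __name__ == "__main__":
    print(audit(SAMPLE_MANIFEST, SAMPLE_SOURCE))
```

A "missing" entry is a capability the code needs but the manifest does not declare, which is the runtime-exception case described above; an "unused" entry is a declared capability that nothing in the scanned source appears to need, a candidate for removal under least privilege.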

Protecting Your IP

As developers, we work hard to create our software and want to make sure it’s protected when users start downloading it and using it. Once your app passes certification requirements, the app will be digitally signed on behalf of the developer and made available in the Windows Phone Store.

To help protect a developer's hard work, a valid license that is issued by the Windows Phone Store must be present on the user's phone for the app to run. So if someone does figure out how to download the app and load it onto their phone, Windows Phone will not allow the app to run, since the license is not available.

As a developer, this is great, as it helps curb someone pirating your app, and since all XAP files are encrypted, it helps prevent a lot of casual snooping of your app code files. Things to remember are:

  1. Obfuscate your code if you are using .NET to make it harder to decompile your app
  2. Use C++ to make it more difficult to hack your app or protect critical pieces of code
  3. Use Windows Phone Enterprise Distribution if it’s an enterprise type application

Here is a list of resources used for this article which contain more information

What’s Next?

This is not an exhaustive list of the security features available in Windows Phone 8, but this introduction and resources should get you started if you want to learn more about it.

In part 2 of this post, I’ll go over some of the APIs and techniques to help secure your apps and help your users feel safe when using your apps.


As always, if you have any specific questions or concerns about Windows Phone app security, how to implement any of these, or if you read something that you want to find more about, feel free to start a new discussion in the Canadian Developer Connection LinkedIn group. Mark, community experts, and your fellow Canadian developers are there to answer and share.

This post is cross-posted from Mark Arteaga’s blog.