Mobile Application Taxonomy¶
When we use the term "mobile application" or "mobile app," we are referring to a self-contained computer program designed to execute on a mobile device. At the time of publication, the Android and iOS operating systems cumulatively comprise more than 99% of the mobile OS market share and mobile Internet usage has far surpassed desktop Internet usage. This means that mobile apps are the most widespread types of Internet-capable apps.
Also, this guide uses the term "app" as a general term which refers to any kind of application that runs on a mobile OS. Usually, apps run directly on the platform for which they're designed, run on top of a smart device's mobile browser, or they use a mix of these two methods.
In this chapter, will discuss the following types of apps:
Native Apps¶
If a mobile app is developed with a Software Development Kit (SDK) for developing apps specific to a mobile OS, they are referred to as native to their OS. If we are discussing a native app, we presume it was implemented in a standard programming language for that mobile operating system - Objective-C or Swift for iOS, and Java or Kotlin for Android.
Because they are designed for a specific OS with the tools meant for that OS, native apps have the capability to provide the fastest performance with the highest degree of reliability. They usually adhere to platform-specific design principles (e.g. the Android Design Principles), which usually leads to a more consistent user interface (UI) compared to hybrid or web apps. Due to their close integration with the operating system, native apps generally can directly access almost every component of the device (camera, sensors, hardware-backed key stores, etc.).
However, since Android provides two development kits - the Android SDK and the Android NDK, there is some ambiguity to the term native apps for this platform. While the SDK (based on the Java and Kotlin programming language) is the default for developing apps, the platform's NDK (or Native Development Kit) is a C/C++ kit used for developing binary libraries that can directly access lower level APIs (such as OpenGL). These libraries can be included in regular apps built with the SDK. Therefore, we say that Android native apps (i.e. built with the SDK) may have native code built with the NDK.
Cross-platform Mobile Frameworks¶
The most obvious disadvantage of native apps is that they are limited to one specific platform. If developers want to build their app for both Android and iOS, one needs to maintain two independent code bases, or introduce often complex development tools to port a single code base to two platforms.
Here are some cross-platform mobile frameworks that allow developers to compile a single codebase for different targets, including both Android and iOS:
If an app is developed using these frameworks, the app will use the internal APIs native to each system and offer performance equivalent to native apps. Also, these apps can make use of all device capabilities, including the GPS, accelerometer, camera, the notification system, etc. Even though an app created using one of these frameworks is functionally equivalent to a true native app, they are typically not referred to as such. The term native app is used for apps created with the OS's native SDK, while apps created using one of these frameworks are typically called cross-platform apps.
It's important to know when an app uses a cross-platform mobile framework, because they typically require specific tools to perform static or dynamic analysis. The actual application logic is typically located in framework-specific files inside the app, even though the app also contains the typical code that you would see in a native app. This native code is however usually only used to initialize the cross-platform framework, and provide bindings between the native system API and the framework SDK through so called platform-specific bindings.
Although it is rare, apps can combine native code and cross-platform frameworks, or even multiple cross-platform frameworks, so it's important to identify all the used technologies to correctly cover the entire attack surface of the app.
Web Apps¶
Mobile web apps (or simply, web apps) are websites designed to look and feel like a native app. These apps run in the device's browser and are usually developed in HTML5, much like a modern web page. Launcher icons may be used to parallel the same feel of accessing a native app; however, these icons are essentially the same as a browser bookmark, simply opening the default web browser to load the referenced web page.
Because they run within the confines of a browser, web apps have limited integration with the general components of the device (i.e. they are "sandboxed") and their performance is usually inferior compared to native apps. Since developers usually target multiple platforms with a web app, their UIs generally do not follow the design principles of any specific platform. However, web apps are popular because developers can use a single code base to reduce development and maintenance costs and distribute updates without going through the platform-specific app stores. For example, a change to the HTML file for a web app can serve as viable, cross-platform update whereas an update to a store-based app requires considerably more effort.
Hybrid Apps¶
Hybrid apps are a specific type of cross-platform app which try to benefit from the best aspects of native and web apps. This type of app executes like a native app, but a majority of the processes rely on web technologies, meaning a portion of the app runs in an embedded web browser (commonly called "WebView"). As such, hybrid apps inherit both pros and cons of native and web apps. These apps can use a web-to-native abstraction layer to access to device capabilities that are not accessible to a pure web app. Depending on the framework used for development, a hybrid app code base can generate multiple apps that target different platforms and take advantage of UI elements that closely resemble a device's original platform.
Here are some popular frameworks for developing hybrid apps:
Progressive Web Apps¶
Progressive web apps (PWAs) combine different open standards of the web offered by modern browsers to provide benefits of a rich mobile experience. A Web App Manifest, which is a simple JSON file, can be used to configure the behavior of the app after "installation". These apps load like regular web pages, but differ from usual web apps in several ways.
For example, it's possible to work offline and access to mobile device hardware is possible, which has been a capacity that was only available to native apps. PWAs are supported by both Android and iOS, but not all hardware features are yet available. For example, Push Notifications, Face ID on iPhone X, or ARKit for augmented reality is not available yet on iOS.