Popularity of mobile applications continues to grow. So does OAuth 2.0 protocol on mobile apps. It's not enough to implement standard as is to make OAuth 2.0 protocol secure there. One needs to consider the specifics of mobile applications and apply some additional security mechanisms.

In this article, I want to share the concepts of mobile OAuth 2.0 attacks and security mechanisms used to prevent such issues. Described concepts are not new but there is a lack of the structured information on this topic. The main aim of the article is to fill this gap.

Alexandr Epaneshnikov, a 19-year-old Russian student who is legally blind, recently decided he wanted to be more independent by commuting on his own and relying less on his mom for rides to school. It meant taking a streetcar to a subway to his high school in Moscow, a 30-minute trip that Epaneshnikov assuredly navigates with a cane and Moovit, an urban mobility app optimized for screen readers.

In general, the productivity of coding superheroes is measured by the number of lines of code and the quality of the code they write. It means, when the developer churns out the output compared to input, they are declared as productive. Presently, every company wants a productive programmer to accelerate time-to-market and enrich mobile app user’s experience that helps them stand ahead of the competitors.

Alas! All the developers are not productive. Most of them, pull their hairs when the deadline is around the corner, when finding the source of bugs seems a hard nut to crack in, or when the client is complaining about the features not meeting the business needs. The reason behind for not performing to the peak efficiency is they work hard, but not smartly.

The developer’s productivity can be augmented when they work prudently, make the most out of the time, and incorporate the best practices.