While working on a recent project — a business automation system for an insurance company with one function that allowed for sending important, confidential e-mails to a select number of users simultaneously — our Azoft development team encountered a problem: The mail server with which our app worked couldn’t verify if an email recipient’s account was active. Since it is crucial for the company to know whether certain individuals have received an email or not, we enhanced the system to be able to process undelivered email and generate automatic sender notifications that include all necessary information (incorrect email address, specific error returned, etc.).
If you don't work with mobile security on a daily basis, you might feel stuck when it comes to how the app you are working on needs to deal with sensitive data that cannot be exposed to third parties. Googling “mobile security practices” might scare you even more but, actually, in most cases there is no need run penetration tests or use sophisticated security testing techniques. A number of simple steps will do fine.