COVID-19 has transformed the mobile app economy in some big ways. Overnight, more people and more businesses than ever are using and relying on mobile apps. Here at Appdome, we wanted to know if mobile consumer expectations about the security in mobile apps has also shifted. And if so, by how much – so we asked mobile users directly. Understanding mobile consumer perspectives is critical to building sustainable mobile economies, protecting mobile data, and protecting mobile users. We hope you find this COVID-19 Mobile Consumer Survey research useful in building your own mobile business.
Executive Summary of Appdome’s COVID-19 Mobile Consumer Survey
This is a four-part blog series that examines consumer attitudes toward mobile app security, including how the pandemic has shaped mobile consumer expectations and perceptions about mobile app security. Given the extensive nature of the research, I’ll cover the results in separate blog posts as follows (this blog is part 1):
- What Consumers Expect in Mobile App Security
- Mobile Threats and Consumer Fears
- Global Trust and Expectations
- Appdome’s Annual State of Mobile App Security research
In the first three parts of this series, I’ll reveal the results of our research on the critical questions impacting the security of mobile businesses and the mobile economy in COVID-19. Then in the final part of this series, I’ll discuss how mobile consumer expectations match up against the reality of how app developers are securing mobile apps. In other words, I’ll compare what consumers expect vs what mobile developers actually do when it comes to securing mobile apps and data. Read on to learn more.
Methodology Behind the COVID-19 Mobile Consumer Survey
The data used in the COVID-19 Mobile Consumer Survey came from multiple internal and external sources, including a new independent survey Appdome conducted with over 4,000 mobile consumers in the United States and globally. We asked each respondent a series of questions about their mobile app usage, experiences, and purchasing behavior. Next, we asked about their their expectations regarding app security and their reactions to security threats and mobile app breaches. The results were stunning, relevant, and extremely useful.
The COVID-19 Mobile Consumer Survey is the Voice of the Consumer
The COVID-19 Mobile Consumer Survey truly reflects the voice of the consumer. It revealed new and emerging attitudes and beliefs mobile consumers have about mobile app security. Understanding these attitudes and beliefs are a critical part of any viable mobile strategy. It’s extremely important to understand what level of security mobile consumers expect. Furthermore, we wanted to know if mobile consumers will hold brands accountable when their mobile data or trust is breached. Lastly, we believed it was important to gather this information straight from the source – from mobile users themselves. After all, they are the most important element in the whole mobile ecosystem, aren’t they?
Now let’s dive into the data.
Mobile App Use in COVID-19
With COVID-19, the role mobile apps play in our lives has grown in importance. We use mobile apps for just about every relevant function in our lives – both our personal and work lives. We know that mobile app usage has grown significantly since the outset of the pandemic. All key metrics such as app downloads, engagement, time and money spent in apps have all experienced significant increases. App Annie published a fascinating report on this.
We saw similar trends in our own research. For example, in the COVID-19 Mobile Consumer Survey, 89% of mobile users reported using up to 10 mobile apps daily. This is up from 5 mobile apps prior to the pandemic.
Mobile App Trust in COVID-19
We asked mobile users questions about their comfort level using mobile apps as well as how much they trust the apps they use. The results were surprisingly low. For example, we asked “How comfortable are you with making purchases and other financial transactions on mobile apps in COVID-19?” Only 39% of respondents stated that they are comfortable making purchases using mobile apps. Said another way, that means 61% of respondents are less than comfortable or not comfortable at all with mobile app purchases. Wow.
We also wanted to explore whether mobile consumers’ trust levels varied by app type. It turns out that there is a difference, but the difference is not significant. For example, we asked consumers “How much do you trust” 7 different app types. The list included (1) Mobile Banking apps, (2) Food Order & Delivery apps, (3) Retail & Shopping apps, (4) Healthcare apps, (5) Money Transfer apps, (6) Mobile Gaming apps, and (7) Ride Share & Gig Economy apps. Users were asked to rate apps on a scale of 1 to 5 stars (1 star being low trust, and 5 stars being high trust). Surprisingly, no single app type received a high trust score from greater than 40% of respondents.
A Lot of Work is Still Needed to Gain Mobile User Trust
Mobile Banking apps were the only app type that received 40% of respondents reporting the highest level of trust (i.e., 5-star rating). Rideshare & Gig economy apps, it turns out, had the lowest number of respondents reporting high levels of trust (at 16.6%). They also had the highest number of respondents reporting the lowest level of trust (at 23.1%). We suspect that this could result from the string of vulnerabilities or bad press these apps have experienced. No matter how you slice it, the data revealed that the mobile industry has a long way to go in order to build and retain consumer trust.
Interestingly, the data across all app types also revealed that for every 1x percentage point decline in the number of respondents reporting a high degree of trust, there was a 1.25x – 3x increase in the number of respondents that reported the lowest degrees of trust within the same app type. This means that trust is largely binary. Either mobile consumers trust the app or they don’t – there’s no middle ground.
Mobile Consumers Expect Developers to Protect Mobile Users
Against this backdrop, we wanted to understand a bit more about mobile users’ expectations regarding app security. We believe this information is critical to helping mobile developers understand the unique requirements for building and delivering secure mobile apps to consumers.
As part of the COVID-19 Mobile Consumer Survey, we asked mobile consumers directly, “Do you feel that brands have a higher duty to protect mobile users due to COVID-19?” Here, we really didn’t know how mobile consumers would answer this question. Some folks at Appdome had believed there would be no change, while others thought security expectations would increase. It turns out that more than two thirds (68%) of mobile app consumers feel very strongly that mobile app makers have a higher obligation to protect mobile users in the pandemic.
This survey data produced a real “wow” factor here at Appdome. We found this extremely significant, particularly given that respondents were shown 3 out of 5 responses that allowed them to rank their expectations “neutral” to “no more than usual.” On the other hand, it made sense given the low trust scores above.
If mobile consumers are nervous about security, it seems logical that they would expect mobile developers to do more to protect mobile data and users. No matter what, the data is clear. Mobile consumers expect mobile developers to apply security best practices (at a minimum) to ensure a secure app experience and protect their data.
Consequences of Mobile App Breaches in COVID-19
So far, the COVID-19 Mobile Consumer Survey revealed three important considerations for mobile developers and security teams in: (1) mobile usage is up dramatically (2) trust in mobile apps is low, and (3) mobile security expectations are high. But what about the consequences of failing to protect mobile data and users, or an actual breach? There too, the COVID-19 Mobile Consumer Survey revealed a dramatic shift in consumer emotions during the pandemic.
Protect Mobile Users or Expect Harsh Reactions
The COVID-19 Mobile Consumer Survey revealed developers should expect a harsh reaction to security issues (real and perceived). The data shows that mobile users will abandon mobile apps that either fail to protect their data or experience a breach. We asked “If you discovered your app doesn’t protect your data, how likely are you to stop using it?” An overwhelming 70% of mobile users responded that they would stop using a mobile app if they learned the app did not protect their data.
This response held true even in the absence of an actual breach. The COVID-19 Mobile Consumer Survey data only got worse when the question focused more specifically on apps they cared about. For example, we asked “If your app got breached or hacked, how likely are you to stop using it?” Nearly 80% of mobile users said they would stop using a mobile app if the app was breached or hacked.
These findings seem to put a harsh exclamation point of the data found in the COVID-19 Mobile Consumer Survey. Mobile consumers believe developers have a higher duty to protect mobile data. And they will vote with their feet and overwhelmingly abandon mobile apps that fail to protect users and app usage. This has dramatic implications for mobile app business models and unit economics. In particular, churn and other key metrics such as lifetime value of users may be at risk. It means that any public vulnerability disclosure or breach could have a profoundly negative impact on the mobile business.
The Impact to Mobile Business Metrics
Given the high usage, high expectations, low trust and harsh consequences, mobile developers find themselves at a crossroads. Those that choose to secure the mobile app experience should enjoy better growth and unit economics. Those that choose not to secure the mobile app experience will face lower growth and unit economics. More importantly, those that choose not to secure their mobile apps in face a ticking time bomb, where the app’s lack of security could destroy the mobile business model entirely – in a flash.
No matter what, the COVID-19 Mobile Consumer Survey data confirms that while mobile app users and mobile app use have exploded, mobile consumer sentiment has not kept pace. Consumers are using more mobile apps more than ever. But, mobile consumer trust in the mobile experience has not kept pace with the increased usage. More importantly, the COVID-19 Mobile Consumer Survey data revealed strong emotional undertones and strongly negative reactions on the part of mobile consumers – both about developers’ duty to protect mobile data and the consequences of not taking security seriously.
Trust Is Critical to Every Mobile App Business
Now let’s talk a little about the trust. Forrester measures brand “Trust” as a major factor in its Consumer Energy Index. The index tracks consumer readiness and willingness to engage with mobile brands. In the latest release, Forrester cited a dramatic drop in Trust during COVID-19. According to Forrester, “this indicates that consumers are less optimistic that people and companies will follow through on the promises they make.”
Losing trust impacts everything. From the Average Revenue Per User (ARPU) and Lifetime Value (LTV) of users, to churn and user acquisition cost. Several studies have shown that trust is critical to sustaining a higher than average ARPU, LTV, and retention (low churn). The COVID-19 Mobile Consumer Survey data shows mobile consumers have a high degree of anxiety with mobile apps in the pandemic. And they will react severely and emotionally to poor security and/or a breach of a mobile app. As a result, mobile developers are advised to play it safe and at a minimum implement mobile security best practices.
Recommendation for Mobile App Developers: Protect Mobile Users!
The COVID-19 Mobile Consumer Survey reveals that mobile consumers place a high degree of confidence in the apps and brands they trust. They expect mobile app developers to protect their use and ensure a safe mobile experience. If mobile consumers perceive that app makers do not take their trust seriously, their reactions can be strongly negative and can cause lasting damage to a company’s brand and revenue. At the same time, one can expect that the inverse also holds true – good security can be a competitive advantage.
Here at Appdome, we view the emerging mobile consumer viewpoint as an opportunity for all mobile developers to meet or exceed the new expectations of secure mobile apps. We believe a best practice security model can serve three purposes:
- Avoid the harsh churn and abandonment consequences of poor security
- Improve growth in unit economics and mobile app revenue
- Position the developer, app and mobile business as leaders in mobile trust and security on behalf of its users
Against the backdrop of the COVID-19 Mobile Consumer Survey, our recommendation is to move fast and follow industry best practices for securing your app. For all transactional apps and apps with personally identifiable information, best practices include a wide range of security measures such as encryption, obfuscation, application shielding, OS-integrity, MiTM attack prevention and more. You can also use Appdome to implement the recommended security features the same day, no code or coding required. You can also use Appdome to make your app Certified Secure™, each and every time you release your app.
Contact Appdome to get a free assessment of your current mobile app security. After the assessment, we’ll provide you with a recommended security model for your specific app.
What’s Next – COVID-19 Mobile Consumer Survey
I encourage you to take a look at our next blog in this 4-part series. Next up, we’ll dive deeper into the specific fears and threats that are top of mind for mobile consumers. After that, I’ll reveal the international similarities and differences in mobile consumer expectations about mobile app security. Finally, stay tuned for the last blog of the series where I will cover our State of Mobile App Security research. Learn how the world’s biggest brands measure up to mobile user expectations about app security.
Thank you, and Build Safe!