Mobile Apps Are the New Attack Surface as 72% of Organizations Are Hit by Mobile App Security Incidents

BOSTON & LEUVEN, Belgium--(BUSINESS WIRE)--Guardsquare, the leading provider of mobile application security, today released its analysis of new independent research conducted by TrendCandy, revealing a widening “client-side trust gap” that is leaving organizations exposed to mobile app security incidents, customer churn, and backend API abuse.

Mobile apps operate outside traditional trust boundaries, but many organizations still rely on OS-level security assumptions that attackers routinely bypass. This research shows the trust gap is already translating into real business impact.

Share

The global survey of 1,360 mobile app developers and security leaders found that 72% of organizations experienced at least one mobile app security incident in the past year, and 65% reported customer churn or app uninstalls as a direct result of security issues. Despite these impacts, many organizations continue to rely on outdated, OS-level security assumptions that fail to protect mobile apps operating “in the wild.”

“Mobile apps operate outside traditional trust boundaries, but many organizations still rely on OS-level security assumptions that attackers routinely bypass,” said Erica Sheehan, Chief Marketing Officer of Guardsquare. “This research shows the trust gap is already translating into real business impact, from customer churn to increased backend risk.”

Speed Pressure and AI Are Compounding Risk

The analysis highlights how development velocity and AI adoption are accelerating mobile app risk:

• 79% of respondents cite time-to-market pressure as the top barrier to stronger mobile app protection, reinforcing persistent misconceptions that security slows development.
• 96% of developers report using AI-assisted tools to build mobile apps and SDKs.
• 81% say AI-generated code has introduced new vulnerabilities.
• More than half of developers report uncertainty around how to properly secure AI-written mobile applications.

From Tradeoffs to a New Mobile Security Standard

The research points to a clear shift in how organizations are approaching mobile security:

• 91% of respondents prefer security that spans the entire software development lifecycle (SDLC).
• 96% of organizations using multi-layered protection report fewer mobile app security incidents.

Guardsquare’s analysis concludes that closing the client-side trust gap requires integrated mobile app security that combines automated testing, multi-layered code protection, runtime defenses, mobile API security, and continuous threat monitoring, all without compromising development speed or app performance.

Guardsquare’s full analysis and recommendations are available in the ebook, Gaining Ground on Mobile DevSecOps, available for download at: https://www.guardsquare.com/gaining-ground-on-mobile-devsecops

About the Research
The research, The Rise of Client-Side Risk and the Trust Gap, was conducted by the independent firm TrendCandy and commissioned by Guardsquare. It surveyed 1,360 mobile app developers and security leaders globally, with a margin of error of ±2% at the 95% confidence level.

About Guardsquare
Guardsquare offers the most complete approach to mobile application security on the market, delivering the highest level of protection, with ease. Guardsquare integrates seamlessly across the full development cycle, from mobile app security testing and code hardening to real-time threat detection and API security. Guardsquare provides enhanced mobile application security across the entire development process. More than 975 customers worldwide across all major industries rely on Guardsquare to help them identify security risks and protect their mobile applications and SDKs against reverse engineering and tampering in the ever-evolving threat landscape. Learn more at Guardsquare.com and on LinkedIn.

All trademarks recognized.