Following my previous post on Windows Mobile Widget security I got feedback that the proposed solution wasn’t that secure and that it was easily foiled by impersonating the header information, and that the widget should be authenticating the user based on a set of credentials. This is 100% accurate and I whole-heartedly agree…. except we’re looking at two different problems here.
-If the users of your application/widget are known to you (ie they have registered with your site/application and they have a username/password or some other form of credentials), then you should be prompting them to enter their credentials and use that to authenticate against the server. Of course you can then cache these credentials on the device so that the user doesn’t need to re-enter them, or slightly better cache an authentication token that permits them access for a certain period – that way at least someone with physical access to the device can’t extract their actual credentials.
-If the users of your application/widget are not know to you, and you want to limit access to your data service then you need to authenticate your application some how. Unfortunately storing any credentials on the device, unless you write a native module that hides the details, is somewhat problematic as in theory anyone with access to your application can decode the key. In my previous post I discussed a strategy to minimise not eliminate the possibility of someone using your data source without your permission.
I’d be interested to hear of other alternative strategies for protecting anonymous data services.