Mobile & Application Security Glossary

The essential terms behind mobile and application security, from Mobile Threat Defense to RASP, phishing to code obfuscation, and the regulations that govern them. Search a term or browse by category, and tap any card for the full definition.

99 terms
Threats & attacks

Malware

Any software built to harm, exploit or gain unauthorised access to a device, app or network. Mobile malware includes trojans, spyware and adware, often hidden inside apps that look legitimate.

Why it matters: Mobile malware is increasingly sophisticated and evades basic checks, so automated, behaviour-based detection is essential.

Threats & attacks

Spyware

Malware that covertly gathers data from a device, such as messages, location, contacts, keystrokes or camera and microphone feeds, and sends it to an attacker.

Why it matters: On mobile, spyware can turn a phone into a surveillance device, threatening both privacy and corporate confidentiality.

Threats & attacks

Stalkerware

Commercially available spyware marketed to monitor another person, often installed with brief physical access to their phone to track location, messages and calls.

Why it matters: It blurs the line between consumer app and surveillance tool, and can quietly expose highly sensitive personal data.

Threats & attacks

Ransomware

Malware that encrypts a victim's data or locks a device, then demands payment to restore access. Mobile variants may lock the screen or hold app data hostage.

Why it matters: As more business runs on mobile, a locked device can halt operations and pressure victims into paying.

Threats & attacks

Leakware

Extortion malware that threatens to publish stolen confidential data unless a ransom is paid, sometimes called doxware. The pressure comes from exposure, not encryption.

Why it matters: Mobile apps hold contacts, messages and documents, exactly the sensitive data leakware weaponises.

Threats & attacks

Adware

Software that aggressively displays or injects advertisements, often bundled into free apps and sometimes tracking users or redirecting them to malicious pages.

Why it matters: Beyond being intrusive, adware can degrade device performance and act as a gateway to more harmful payloads.

Threats & attacks

Banking Trojan

Malware that targets mobile banking and payment apps, typically stealing credentials through fake login screens or by intercepting one-time codes.

Why it matters: It directly targets financial data and can bypass some authentication, making it a high-impact mobile threat.

Threats & attacks

Keylogger

A tool that records keystrokes on a device to capture passwords, messages and other typed information without the user's knowledge.

Why it matters: On mobile, keyloggers can harvest credentials for both personal and corporate accounts in the background.

Threats & attacks

Rootkit

Malicious software that gains privileged (root) control of a device while actively hiding its own presence from users and security tools.

Why it matters: By operating at a deep level, rootkits are hard to detect and can neutralise other protections on the device.

Threats & attacks

Botnet

A network of compromised devices controlled remotely by an attacker, used to send spam, launch attacks or commit fraud. Infected phones can be silently enrolled.

Why it matters: A device in a botnet consumes resources and lends its identity to attacks, often without the owner noticing.

Threats & attacks

Cryptojacking

The unauthorised use of a device's computing power to mine cryptocurrency, usually via a malicious app or script running in the background.

Why it matters: It drains battery, degrades performance and shortens device lifespan while quietly profiting the attacker.

Threats & attacks

Phishing

A social-engineering attack that tricks people into revealing credentials or data, or installing malware, by impersonating a trusted brand or contact.

Why it matters: Small screens hide URLs and mix personal and work channels, making phishing especially effective on mobile.

Threats & attacks

Spear Phishing

A targeted phishing attack tailored to a specific person or organisation, using personal details to appear highly convincing.

Why it matters: Its personalisation makes it far more effective than mass phishing, especially on mobile devices.

Threats & attacks

Smishing SMS Phishing

Phishing carried out via SMS or messaging apps, using fraudulent texts to lure victims into clicking malicious links or sharing information.

Why it matters: Text messages have high open rates and feel personal, making smishing a fast-growing mobile threat.

Threats & attacks

Vishing Voice Phishing

Phishing over a phone call, where an attacker impersonates a trusted party to manipulate the victim into revealing information or taking a harmful action.

Why it matters: Vishing exploits trust in voice and often works alongside smishing and email in multi-channel attacks.

Threats & attacks

Quishing QR-code Phishing

Phishing that uses malicious QR codes to send victims to fraudulent sites or trigger harmful downloads once scanned with a phone.

Why it matters: QR codes hide their destination and are trusted in public spaces, giving attackers an easy mobile entry point.

Threats & attacks

Man-in-the-Middle Attack MitM

An attack where a malicious actor secretly intercepts, and possibly alters, communication between two parties, such as an app and its server, often over untrusted Wi-Fi.

Why it matters: MitM can steal credentials and session tokens in transit; encryption and certificate pinning are key defences.

Threats & attacks

Man-in-the-Disk

An attack that abuses shared external storage on a device to tamper with data that apps read from or write to it.

Why it matters: Apps that trust shared storage without validation can be manipulated or crashed, opening the door to code injection.

Threats & attacks

Overlay Attack

A technique where malware draws a fake screen on top of a legitimate app to capture credentials or trick users into approving actions.

Why it matters: Because the overlay looks like the real app, users hand over data or permissions without realising it.

Threats & attacks

Tapjacking

An attack that tricks a user into tapping something different from what they see, by overlaying or disguising interface elements.

Why it matters: It can silently grant permissions or trigger actions the user never intended.

Threats & attacks

SIM Swapping

A fraud where an attacker convinces a carrier to move a victim's phone number to a new SIM, hijacking calls and SMS, including one-time codes.

Why it matters: It defeats SMS-based authentication and can lead to full account takeover.

Threats & attacks

Evil Twin Rogue Wi-Fi

A fraudulent Wi-Fi access point that mimics a legitimate network to lure devices into connecting so traffic can be intercepted.

Why it matters: Once connected, users are exposed to interception and man-in-the-middle attacks without any obvious sign.

Threats & attacks

Zero-Day Vulnerability

A security flaw unknown to the vendor with no fix available at the time it is discovered or exploited, leaving defenders zero days to prepare.

Why it matters: Zero-days power the most advanced mobile attacks, which is why behaviour-based detection matters alongside patching.

Threats & attacks

Zero-Click Attack

An attack that compromises a device without any user interaction, for example through a crafted message processed automatically by the phone.

Why it matters: With nothing to click, users cannot avoid it through caution alone, raising the bar for on-device defence.

Threats & attacks

Pegasus & Graphite Mercenary Spyware

Highly sophisticated commercial spyware sold to state and private clients, able to covertly compromise a smartphone, often via zero-click exploits, to access messages, calls, camera and microphone.

Why it matters: They prove even fully updated devices can be targeted, underlining the need for continuous on-device detection.

Threats & attacks

App Repackaging App Cloning

Modifying a legitimate app and redistributing it, often with malicious code added, under the guise of the original.

Why it matters: Repackaged apps trade on a trusted brand to spread malware and harm both users and the app owner's reputation.

Threats & attacks

PUA Potentially Unwanted Application

Software that is not outright malware but behaves in unwanted ways, such as excessive data collection, intrusive ads or hidden tracking.

Why it matters: PUAs blur the line between legitimate and malicious and can quietly leak data from corporate devices.

Threats & attacks

Credential Stuffing

An automated attack that tries stolen username-password pairs across many services, exploiting the habit of reusing credentials.

Why it matters: Reused mobile-app credentials let one breach cascade into many account takeovers.

Threats & attacks

Data Leakage

The unauthorised transfer of sensitive data from a device or app to an external destination, through malicious code, an over-permissive app or a misconfiguration.

Why it matters: Uncontrolled leakage can breach regulations such as GDPR and erode customer trust.

Mobile security

MTD Mobile Threat Defense

A solution that detects and responds to threats targeting mobile devices, spanning app, network and device-level attacks such as malware, phishing and espionage, across Android and iOS.

Why it matters: Management tools alone cannot stop active attacks; MTD adds continuous, automated detection and response without disrupting users.

Mobile security

Mobile EDR

Endpoint Detection and Response applied to smartphones and tablets: continuous monitoring, investigation and automated response on mobile endpoints.

Why it matters: Mobile devices are full endpoints handling corporate data, yet are often less monitored than laptops; Mobile EDR closes that gap.

Mobile security

EDR Endpoint Detection and Response

A security approach that continuously monitors endpoints to detect suspicious activity, investigate incidents and respond, originally built for laptops and servers.

Why it matters: It shifts security from prevention only to detection and response, a model now extended to mobile.

Mobile security

XDR Extended Detection and Response

A platform that correlates detection and response across multiple layers, endpoints, network, cloud and email, for a unified view of threats.

Why it matters: Feeding mobile signals into XDR helps security teams see attacks that span several channels.

Mobile security

Mobile Threat Intelligence

Curated analysis of the security posture of public mobile apps, evaluating them for vulnerabilities, privacy risks and malicious behaviour before use.

Why it matters: It lets organisations vet apps and anticipate risks before they reach devices.

Mobile security

Secure Private Store

A company-branded, private app store to distribute and secure corporate apps and documents on employees' or partners' devices, without managing the devices themselves.

Why it matters: It enables secure BYOD and external collaboration by protecting data at the app level rather than the whole device.

Mobile security

Jailbreaking

Removing Apple's restrictions on an iOS device to gain privileged access and install software from outside the App Store.

Why it matters: A jailbroken device loses key built-in protections, making it far easier for malware to reach corporate apps.

Mobile security

Rooting

Gaining privileged administrator access on an Android device, bypassing the manufacturer's restrictions.

Why it matters: Rooted devices lose important safeguards and are a common target for malware and data theft.

Mobile security

Sideloading

Installing an app from a source other than an official app store, such as a file or a third-party store.

Why it matters: Sideloaded apps skip official vetting, a frequent route for malware onto corporate devices.

Mobile security

Device Attestation

A process that cryptographically verifies a device's integrity and state, confirming it has not been tampered with or compromised before granting access.

Why it matters: It gives apps and services trustworthy proof of device health, a building block of Zero Trust.

Mobile security

Sandboxing

Isolating an app so it runs in a restricted environment, limiting its access to the rest of the system and other apps' data.

Why it matters: Sandboxing contains the damage a malicious or buggy app can do, a core mobile-OS defence.

Mobile security

Biometric Authentication

Verifying identity using physical traits such as fingerprint or face recognition, widely used to unlock devices and approve actions in apps.

Why it matters: Biometrics improve usability and security but must be implemented carefully to avoid introducing new risks.

Management & BYOD

MDM Mobile Device Management

Software that lets IT enrol, configure, monitor and remotely wipe mobile devices from a central console, enforcing policies such as passcodes and app restrictions.

Why it matters: MDM manages devices but does not detect active threats, so it is most effective paired with Mobile Threat Defense.

Management & BYOD

EMM Enterprise Mobility Management

A framework combining device, application and content management with identity controls to secure enterprise mobility.

Why it matters: EMM handles management, not threat detection, which is why it is often complemented by an MTD layer.

Management & BYOD

UEM Unified Endpoint Management

A platform that unifies the management of all endpoints, mobile, laptops and desktops, from a single console, evolving from MDM and EMM.

Why it matters: UEM streamlines management across device types but still needs a dedicated threat-defence layer.

Management & BYOD

MAM Mobile Application Management

Managing and securing specific apps and their data, rather than the entire device, including deployment, configuration and selective wipe.

Why it matters: MAM is ideal for BYOD, protecting corporate apps without controlling the user's personal device.

Management & BYOD

BYOD Bring Your Own Device

A policy that lets employees use personal smartphones and tablets to access corporate resources such as email, files and applications.

Why it matters: BYOD boosts flexibility but personal devices sit outside direct control, so data must be protected without invading privacy.

Management & BYOD

COPE Corporate-Owned, Personally Enabled

A model where the company owns the device but allows limited personal use, balancing control with employee flexibility.

Why it matters: COPE gives IT more control than BYOD while keeping devices usable for staff.

Management & BYOD

CYOD Choose Your Own Device

A model where employees pick from a company-approved list of devices, which the organisation then manages and secures.

Why it matters: CYOD narrows the range of devices to support, simplifying security and compatibility.

Management & BYOD

COBO Corporate-Owned, Business-Only

A model where company-owned devices are restricted to business use, with personal use disabled.

Why it matters: COBO maximises control and is common in high-security or frontline environments.

Management & BYOD

Containerization

Separating corporate apps and data from personal content on the same device using an isolated, encrypted container.

Why it matters: It lets organisations secure and wipe business data without touching the user's personal side, key for BYOD.

Management & BYOD

Remote Wipe

The ability to erase data from a device remotely, either fully or selectively, for example when it is lost, stolen or an employee leaves.

Why it matters: It limits data exposure when a device is out of the organisation's hands.

Management & BYOD

Geofencing

Using a device's location to apply security policies within virtual boundaries, such as restricting features in certain areas.

Why it matters: It lets organisations enforce context-aware rules, for instance disabling cameras on secure sites.

App security

MAST Mobile Application Security Testing

Automated analysis of Android and iOS apps to uncover security flaws, privacy issues and unwanted behaviours, for both first-party and third-party apps.

Why it matters: Organisations rely on many external apps and libraries; MAST lets them vet these at scale rather than trusting them blindly.

App security

DAST Dynamic Application Security Testing

Testing an application while it runs, probing its behaviour and interfaces from the outside to find runtime vulnerabilities.

Why it matters: DAST catches issues that only surface during execution, complementing static analysis.

App security

IAST Interactive Application Security Testing

Analysing an app from inside while it runs, using instrumentation to combine the strengths of static and dynamic testing.

Why it matters: IAST pinpoints vulnerabilities with greater accuracy and fewer false positives.

App security

RASP Runtime Application Self-Protection

Security built into an app so it can detect and respond to attacks in real time, on the user's device, while it runs, for example spotting malware, network attacks or unsafe environments.

Why it matters: RASP protects the app in the field, where perimeter defences do not reach, and can react automatically.

App security

In-App Protection

A layered approach that builds security directly into a mobile app, combining shielding, anti-tampering and runtime self-protection (RASP).

Why it matters: It protects the app on any device, without relying on the device's own security posture.

App security

Application Shielding

Protection techniques applied to an app to make it resistant to tampering, reverse engineering and cloning by hardening its code and runtime.

Why it matters: Once published, an app runs on devices the vendor cannot control; shielding is its last line of defence.

App security

Code Obfuscation

Transforming an app's code so it still runs correctly but becomes very hard for a human or tool to read and understand.

Why it matters: Obfuscation slows reverse engineering, protecting business logic, keys and intellectual property.

App security

Reverse Engineering

Taking apart a compiled app to understand how it works, recover its logic or extract secrets such as keys and API endpoints.

Why it matters: Attackers reverse-engineer apps to find weaknesses or clone them; shielding and obfuscation counter it.

App security

Anti-Tampering

Mechanisms that detect and react when an app's code or runtime is modified, for example by refusing to run or wiping sensitive data.

Why it matters: It stops attackers from altering app behaviour or bypassing security controls after release.

App security

Certificate Pinning

Configuring an app to trust only a specific server certificate or key, rather than any certificate from a trusted authority.

Why it matters: Pinning blocks many man-in-the-middle attacks that rely on fraudulent but valid certificates.

App security

Root / Jailbreak Detection

Checks that let an app determine whether it is running on a rooted or jailbroken device and respond accordingly.

Why it matters: Detecting a compromised device lets an app protect its data before an attacker can exploit it.

App security

Emulator Detection

Techniques that identify whether an app is running on a real device or in an emulator often used for analysis or fraud.

Why it matters: It helps block automated abuse and reverse-engineering carried out in emulated environments.

App security

Hooking Frida / instrumentation

Intercepting and altering an app's function calls at runtime, often with tools like Frida, to inspect or change its behaviour.

Why it matters: Attackers use hooking to bypass controls; runtime protection detects and blocks it.

App security

Vibe Coding

Building software mainly by describing what you want to an AI assistant, which generates the code, rather than writing it by hand.

Why it matters: AI-generated code can multiply vulnerabilities if it is not security-tested, making automated testing essential.

App security

Vulnerability

A weakness in code, configuration or design that an attacker can exploit to compromise a system or its data.

Why it matters: Identifying and remediating vulnerabilities early is the foundation of application security.

App security

API Security

Protecting the application programming interfaces that apps use to exchange data, against abuse, unauthorised access and data exposure.

Why it matters: Mobile apps depend heavily on APIs, making them a prime target and a critical thing to secure.

Standards & compliance

Compliance Audit

An assessment that checks whether a mobile app or fleet meets the security and privacy requirements of applicable regulations and standards.

Why it matters: Regular audits demonstrate compliance and catch gaps before regulators or attackers do.

Standards & compliance

OWASP MASVS Mobile App Security Verification Standard

An open, industry-recognised standard from OWASP defining security requirements for mobile apps, used as a baseline for design, development and testing.

Why it matters: MASVS gives teams a shared, measurable reference for what secure enough means, making assessments consistent.

Standards & compliance

MASA Mobile App Security Assessment

An App Defense Alliance programme under which independent labs verify that an app meets a defined mobile security baseline.

Why it matters: A MASA validation signals to users and partners that an app has passed independent security checks.

Standards & compliance

ISO 27001:2022

An internationally recognised standard for information security management systems (ISMS), setting out how organisations manage and protect the information they store, process or access.

Why it matters: Certification shows customers and regulators that security, including on mobile, is managed systematically.

Standards & compliance

GDPR / RGPD

The EU regulation governing how personal data is collected, processed and protected, applying to any organisation doing business in Europe.

Why it matters: Mobile apps routinely handle personal data, so GDPR shapes how they must be built and secured.

Standards & compliance

NIS2 Directive

An EU directive strengthening cybersecurity requirements for essential and important entities across many sectors, expanding the earlier NIS directive.

Why it matters: NIS2 extends security and reporting duties that increasingly cover mobile usage and applications.

Standards & compliance

DORA Digital Operational Resilience Act

An EU regulation requiring financial entities to withstand, respond to and recover from ICT-related disruptions and cyber threats.

Why it matters: DORA raises the bar for operational resilience, including the mobile channels finance now relies on.

Standards & compliance

PSD2 Payment Services Directive 2

An EU directive regulating payment services, requiring strong customer authentication and secure data handling for banking, wallet and payment apps.

Why it matters: Payment and banking apps must meet PSD2's authentication and security rules to operate in the EU.

Standards & compliance

DPA UK Data Protection Act

The United Kingdom's data protection law, which replaced GDPR in the UK after Brexit while mirroring its principles.

Why it matters: Organisations processing personal data of UK users must comply with the DPA or face fines.

Standards & compliance

HIPAA Health Insurance Portability and Accountability Act

A U.S. regulation protecting the privacy and security of individuals' health information (PHI), including in medical and telehealth apps.

Why it matters: Health apps handle highly sensitive data and carry serious HIPAA obligations.

Standards & compliance

PHI Protected Health Information

Any health data that can identify an individual, such as medical records, prescriptions and insurance details, protected under regulations like HIPAA.

Why it matters: Health apps must safeguard PHI throughout collection, storage and transmission.

Standards & compliance

PCI DSS Payment Card Industry Data Security Standard

A global security standard for organisations that handle credit card data, requiring cardholder data to be protected, including in mobile payments.

Why it matters: Mobile devices aren't secure by default, so PCI DSS demands added protection for payment apps.

Standards & compliance

SOC 2 Service Organization Control 2

An AICPA standard assessing how service providers manage data security, availability, processing integrity, confidentiality and privacy.

Why it matters: A SOC 2 report reassures customers that a provider's controls, including for mobile apps, are audited.

Standards & compliance

PIPEDA Personal Information Protection and Electronic Documents Act

Canada's federal privacy law governing how organisations collect, use and disclose personal information in commercial activities.

Why it matters: Apps and services operating in Canada must protect personal data under PIPEDA.

Standards & compliance

FTC Act Federal Trade Commission Act

U.S. legislation empowering the Federal Trade Commission to enforce fair business practices and protect consumer privacy, including for app developers.

Why it matters: It requires businesses to provide accurate, transparent information about data collection and protection.

Standards & compliance

CISA Mobile Checklist Mobile Device Cybersecurity Checklist

A checklist from the U.S. Cybersecurity and Infrastructure Security Agency to strengthen mobile device security, covering configuration, updates, app security, MDM and phishing.

Why it matters: It offers a practical baseline for hardening mobile devices in any organisation.

Standards & compliance

CVE Common Vulnerabilities and Exposures

A public catalogue of known security vulnerabilities, each with a unique identifier so teams worldwide can reference the same flaw.

Why it matters: CVE IDs let teams track, prioritise and patch known weaknesses consistently across their dependencies.

Standards & compliance

Zero Trust

A security model based on never trust, always verify, where no user, device or app is trusted by default and every access request is continuously validated.

Why it matters: Mobile devices connect from anywhere, so their posture must be verified continuously, a core Zero Trust input.

Standards & compliance

MFA / 2FA Multi-Factor Authentication

Authentication that requires two or more independent proofs of identity, such as a password plus a one-time code or biometric.

Why it matters: MFA sharply cuts account takeover, but the mobile channel itself is targeted, so the device also needs protecting.

Standards & compliance

Encryption

Encoding data so only authorised parties can read it, protecting information both stored on a device (at rest) and sent over networks (in transit).

Why it matters: Strong encryption is fundamental to keeping mobile data confidential even if a device or connection is compromised.

Standards & compliance

IOC Indicators of Compromise

Forensic evidence that a device or system may have been breached, such as malicious file signatures, domains or unusual behaviour.

Why it matters: Sharing IOCs lets defenders detect and respond to the same threat faster across their fleet.

No term matches your search.

Put these concepts into practice

Protect your mobile endpoints and applications with solutions trusted by global tech leaders and recognised by top analysts.

Scroll to Top