Advertisment

Blood, Ink or HTML5: Part Two

What makes certain use-cases best for native design, and others apt for HTML5? Does security also matter?

author-image
Pratima Harigunani
New Update
ID

INDIA: In part one of the story, we covered a lot of ground on HTML5, but some potholes and landmines still remain.

Advertisment

Secure-ity- A tough spelling

Are there any code-exposure vulnerabilities making the chore easy for hackers with HTML5 applications, specially as files are often cached on the user machine and encryption of HTML5 content is easier said than done due to browser-execution hitting a wall?

Advertisment

ID-100187978 Heavy use of JavaScript component in web apps is a point to consider: Akash Sureka, Persistent Systems

In the reckoning of Akash Sureka - Vice President - Practice Head Mobility, Ux, Social & API at Persistent Systems, Hybrid/Web apps and mobile web do have security loopholes like that of regular websites due to heavy use of JavaScript component in such web apps. But so is the case for native mobile apps as well.

“Code, Data, Transactions and API are the three most critical security parameters which makes native mobile apps hackable similar to hybrid apps or mobile web. Offline capabilities of an app brings inherent security vulnerabilities in apps. So security concerns are no more restructured to hybrid apps in that ways.”

Advertisment

Native apps, as he argues, can provide best of security measures as opposed to hybrid apps or mobile web as it has lesser injections possibilities for hackers, provided all code, data and API are secured using appropriate methods and tools.

Numerous mobile apps can unintentionally leak other personal data: Ritesh Chopra, Norton Numerous mobile apps can unintentionally leak other personal data: Ritesh Chopra, Norton

Advertisment

Ritesh Chopra, Country Manager, India, Norton by Symantec points out that Symantec analyzed 71 percent more apps in 2015 and more than three times as many (230 per cent) more were classified as malicious. A 30 percent rise in grayware was observed owing in large part to a 77 percent rise in apps containing unwanted malware.

“Consistently we have witnessed a significant proportion of available mobile apps not following the best practices when it comes to information security. Symantec’s research on the security of popular health and fitness apps highlights that many mobile apps do not securely handle user credentials which may compromise user/device security and privacy in various ways. Numerous mobile apps can unintentionally leak other personal data because of how they execute their functionality.”

No hemming and hawing

Advertisment

HTML5-Native hybrids have come up as splendid answers for now. So have projects like Crosswalk and Ludei ,open source libraries like Modernizr etc. Plus, APIs are making it possible for reducing hardware-access issues on mobile; and the progress made by JS to native bindings which allow tapping into any native feature from a web app or standards for plug-ins like Cordova; are good signs.

Sureka seconds that there is considerable amount of uptake on webapps (also called as hybrid apps) vs. native apps in many app categories , from rapid launch-to-market stand point.

“However the decision to go with webapps vs. native apps should not depend on current market scenario but as required by user experience for that app category. Many apps which need high amount of user experience in terms of engagement like commerce, games, social, messaging, maps, transactions, etc are and will always be driven native as opposed to webapps, due to rich features and experience which can be built using native capabilities, which is also aligned for many B2C apps.”

Advertisment

If an app has to be built for internal stakeholders, you could go for a HTML5 app: Vishwas Mudagal, GoodWorkLabs If an app has to be built for internal stakeholders, you could go for a HTML5 app: Vishwas Mudagal, GoodWorkLabs

You may also like to go by what Vishwas Mudagal, CEO, Co-founder, GoodWorkLabs recommends. “As a rule of thumb, if an app has to be built for internal stakeholders (for example, your internal employees or your sales force), you could go for a HTML5 app. Because here you can compromise on the finish and pixel perfectness. And you can save money and effort by developing once for iOS and Android both.”

Advertisment

Sureka echoes that thought. “Apps which are more of utility in nature and is meant for quick or task based use, like in that of B2B scenarios, and also in some category of B2C scenarios, are more better suited for web apps which require rapidity to be launched in the market with minimum user experience.”

Another point not to be missed here is the very relevance of the web, and that’s something not going anywhere. Many players have second-guessed their web-out, app-only strategies in a matter of few months. Even devices like Leap Motion controller or the Oculus Rift VR are rooting for the web.

HTML5 has definitely swaggered in at a right time. Does it turn out Bahl, Nonch or Wess; would depend on if and how soon it pronounces the new-age technology vocabulary better than native apps.

But then, when it comes to languages: Nothing is written in stone.

app security