Analysis of Recent TrendCandy Survey Highlights Rising Client-Side Risk, Customer Churn, and API Abuse
Guardsquare, the leading provider of mobile application security, today released its analysis of new independent research conducted by TrendCandy, revealing a widening “client-side trust gap” that is leaving organizations exposed to mobile app security incidents, customer churn, and backend API abuse.
The global survey of 1,360 mobile app developers and security leaders found that 72% of organizations experienced at least one mobile app security incident in the past year, and 65% reported customer churn or app uninstalls as a direct result of security issues. Despite these impacts, many organizations continue to rely on outdated, OS-level security assumptions that fail to protect mobile apps operating “in the wild.”
“Mobile apps operate outside traditional trust boundaries, but many organizations still rely on OS-level security assumptions that attackers routinely bypass,” said Erica Sheehan, Chief Marketing Officer of Guardsquare. “This research shows the trust gap is already translating into real business impact, from customer churn to increased backend risk.”
Speed Pressure and AI Are Compounding Risk
The analysis highlights how development velocity and AI adoption are accelerating mobile app risk:
- 79% of respondents cite time-to-market pressure as the top barrier to stronger mobile app protection, reinforcing persistent misconceptions that security slows development.
- 96% of developers report using AI-assisted tools to build mobile apps and SDKs.
- 81% say AI-generated code has introduced new vulnerabilities.
- More than half of developers report uncertainty around how to properly secure AI-written mobile applications.
From Tradeoffs to a New Mobile Security Standard
The research points to a clear shift in how organizations are approaching mobile security:
- 91% of respondents prefer security that spans the entire software development lifecycle (SDLC).
- 96% of organizations using multi-layered protection report fewer mobile app security incidents.
Guardsquare’s analysis concludes that closing the client-side trust gap requires integrated mobile app security that combines automated testing, multi-layered code protection, runtime defenses, mobile API security, and continuous threat monitoring, all without compromising development speed or app performance.
Guardsquare’s full analysis and recommendations are available in the ebook, Gaining Ground on Mobile DevSecOps, available for download at: https://www.guardsquare.com/gaining-ground-on-mobile-devsecops