Skip main navigation
We use cookies to give you a better experience, if that’s ok you can close this message and carry on browsing. For more info read our cookies policy.
We use cookies to give you a better experience. Carry on browsing if you're happy with this, or read our cookies policy for more information.

Security controls

We have already mentioned security controls in a previous step. But what are they?

Security controls are the countermeasures or the safeguards that are used to detect, avoid or minimise a risk.

The outcome of the risk assessment will be a list of risks in order of priority. We now need to identify the appropriate security controls for each risk.

Weeks 3 and 4 of this course will discuss in detail some of the most important security controls for the Android platform, but in essence they can be distilled down to three key principles.

The three key principles for security controls:

  1. Never ever trust users’ input.

  2. Always protect your data in transit and when stored on the phone. Use encryption and whatever security features are provided by the platform (in our case Android).

  3. Restrict an application’s permissions to the absolutely minimum necessary for the app to function properly.


There are links to more detailed information about security controls available from the bottom of this page.


Share this article:

This article is from the free online course:

Secure Android App Development

University of Southampton

Contact FutureLearn for Support