In May 2019, Kotlin, a programming language for modern multi-platform applications, became Google’s preferred language for Android app development. As a result, many developers have shifted from using Java, the original language for building Android apps, to embracing Kotlin. According to a recent survey, 62% of developers are now using Kotlin to build mobile apps, with an additional 41% using Kotlin to build web-backend projects, meaning the language is here to stay.
In tandem with Kotlin’s emergence, we’re also seeing a greater emphasis placed on mobile application security from prominent organizations, including the U.S. Government. Its recent Study on Mobile Device Security, commissioned through the Department of Homeland Security (DHS) in consultation with the National Institute of Standards and Technology (NIST), found that vulnerabilities in applications are usually the result of failure to follow secure coding practices and these vulnerabilities typically result in some sort of compromise to a user’s data—serving as a wakeup call to the industry at large.
Now, more than ever before, and in light of National Cybersecurity Awareness Month taking place throughout October, it’s important for developers to familiarize themselves with Kotlin and understand secure coding best practices for mobile apps when it comes to using this language. To do this, let’s look at some of the common pitfalls when using Kotlin: