Shift in Smartphone Market Shares

October 31st, 2014

idc.gifIDC have a new press release showing smartphone vendor shipments for Q3 2014. Samsung lost market share at the expense of Xiaomi, Lenovo and LG. Apple’s market share dropped slightly by 0.9% to 12% meaning shipments of units grew by 16.1% vs 25.2% for all smartphones.


What does this mean for developers? For Android developers it’s going to be increasingly the case that testing mainly on Samsung devices won’t get you the majority of the devices being used. With iOS now having only 12% market share, there’s going to be continuing intolerance by end users of some companies that still only provide an app for iOS.

Related Articles:

Mobile Potential

October 29th, 2014

benedictevans.pngBenedict Evans has a new presentation given at the WSJD conference and also at the a16z Tech Summit. It consists of very many charts showing how Mobile is Eating the World.

There’s also a related healthy discussion on ycombinator where people question what can be really done on a (UI) limited mobile device, others observe that many popular apps don’t necessarily do anything really useful / don’t fulfil devices’ full potential and how some people suspect we might be in a bubble after which there might be 2nd wave of mobile innovation based on less expensive devices.

Related Articles:

WebView Unbundling

October 28th, 2014

arstechnica.gifThere’s an interesting post on ars technica on "Unwrapping Lollipop" talking to "high ranking members of the Android team" about changes to the OS. It includes a very useful breakdown of what’s now in the Android OS, what’s in Play services and what’s distributed via the Play Store.


Of particular interest is that WebView has been unbundled and now comes from the Play Store. The idea is to be able to more-easily (auto) update WebView for performance and security reasons. However, this won’t be for pre-Lollipop devices. In the near-term, there will still be a large number of old devices on old and varied versions of WebView. Also, unbundling has the side-effect that, going forward, non-Google sanctioned, AOSP-derived devices won’t have the latest WebView. Google will obviously care less about this but it will affect the 20% of developers on those platforms.

Related Articles:

Samsung Knox Security Blunder

October 23rd, 2014

samsungknox.pngThere’s an anonymous single-post blog at that takes a look at Samsung’s Knox. Surprisingly, Knox relies on security by obscurity to hide the encryption key, the method of generation of which is now public information. It’s now known that it’s generated using the device’s Android ID and a hardcoded string.

As the author states, a stronger key should be derived using Password-Based Key Derivation Function 2(PBKDF2), from the user’s password, that shouldn’t be stored on the device.

Related to this, if you are instead relying on Android OS disk encryption, you might like to read how this has changed over time. Prior to Android 4.4 it was based on a PBKDF2 with only 2000 iterations, using the lockscreen PIN or password which tends to be short and more amenable to brute force attack.

UPDATE: Samsung have now refuted the problem but there seems to be a confusion/discrepancy between the versions of Knox mentioned by Samsung and the version that comes pre-installed on Samsung phones.

Related Articles:

Mobile Retail Behaviour is Changing

October 22nd, 2014
gfk.gifGfK has new research into mobile consumer behaviour showing double-digit point changes in metrics that measure where and how people are shopping. 


Gfk says that companies should "build out an up-to-date and nuanced shopper insights platform" to provide insights, without which brands will be in a ‘hit-or-miss’ mode in execution. This dovetails well with my Does OS Market Share Matter post where I encouraged analysis of users on a project-by-project or case-by-case basis.

Related Articles:

Android Growing

October 21st, 2014

businessinsider.gifThere’s an upbeat article at Business Insider that says that Android is suddenly growing massively as an e-commerce, advertising and app platform. It says…

"Too many analysts remain attached to an outdated idea of Google’s mobile operating system as fragmented, malware-ridden, and low-end. They believe Android users don’t spend money on mobile and lack lifetime value. This is no longer true."


One of the report’s takeaways, that "mobile business models that neglect or ignore Android risk severely limiting their market potential" reflects some US conversations I have had where it has been said that Android is a blind-spot for many California tech companies.

The report also covers how Android’s ad traffic and revenue share is rising fast and is producing healthy mobile commerce orders for companies. It also explains why Android’s fragmentation problem is overblown.

Negatives include feature creep and bloatware added by carriers and OEMs. I’d also say security is an issue, especially for security sensitive apps that need to make use of payments. Such apps need to take extra measures to protect themselves.

Related Articles:

Android Binder Subversion

October 20th, 2014

androidsecuritylogo.pngSome of the vulnerabilities in Android allow code to be run as root. Alternatively, if users root their device malware can already run as root. However, what can such code then do?

Nitay Artenstein and Idan Revivo of Checkpoint Research have a new presentation and white paper on how intercepting IPC, via the Android Binder, can be used to provide for keylogging, location tracking and intercepting SMS. Indeed, even sending data from one Activity to the next uses IPC and this can be intercepted.

What can Android developers do about this? Well, if you are handling sensitive information you should consider encrypting data before sending it, to/from, for example, a Service or another Activity. The paper also describes how Android’s keyboard also uses Binder and security sensitive apps should have their own keyboard implemented within the app. I have updated my Android Security site to reflect this information.

Related Articles:

Does OS Market Share Matter?

October 15th, 2014

gartner136.gifGartner has new research that compares sales of PCs, tablets and smartphones across the respective operating systems. The headline is that tablet sales are slowing. However, does it matter?

The ever insightful Benedict Evans also has a new post where he explains that we are in the uncharted territory where a minority market share is still very large. He talks of the potential fallacy of "winner (platform) takes all" and suggests that we should look at other things such as the geographic region we are targeting.

Benedict talks a lot about developer revenues and geographic region when choosing a ‘mobile first’ platform and concludes…

"It isn’t so much that ‘maket share doesn’t matter’ (the mantra of Apple fans for decades’) as that you need to think about what kind of market share, where, and whether that matters."

I’d advise you to think and analyse even deeper. I find the emphasis on app revenues and market share slightly concerning. People should be think more about the benefit to their company. This benefit can take many forms. Whether an app is financially viable depends on the kind of app/company as much as it does the platform.

Taking Benedict’s examples of Citibank, Tesco and Carrefour they don’t even sell their apps nor use store in-app purchasing. The fact that iOS users are more affluent probably doesn’t matter for Tesco and Carrefour as iOS customers might be shopping at, at least in the UK, John Lewis and Waitrose anyway. Conversely, I very much doubt many Citibank customers use Android and they would prefer iOS. The key thing here is that these are hunches and guesses.

You need to assess what platform to use on a case-by-case basis and do some market research beforehand as to what devices your users are using and whether they would access your product/service via an app, smartphone, tablet or indeed anything else.

Back to the Gartner headline that tablet sales are slowing. Does it matter? Sales are still of a similar order to PCs and it’s still a large market. What’s probably just as important is whether your end users would access via a tablet and if so, what kind of tablet are they using?

Related Articles: