Thanks to a serious design oversight, owners of popular fitness trackers might not be the only ones tracking their steps.
A study by the University of Toronto's Citizen Lab at the Munk School of Global Affairs found that of the eight most popular wearable fitness devices, only the Apple Watch wasn't spilling users' sensitive data. The other seven failed to include Bluetooth Low Energy privacy, which prevents third parties from tracking the location of the fitness device.
While the devices themselves were leaking location information, the associated apps were exposing even more serious personal data, including login credentials. Researchers were able to stage man-in-the-middle attacks to compromise data being sent to and from the companion app's servers.
It would be a mistake, however, to single out wearables for shoddy design and development. A report published by IT security group Arxan Technologies discovered that almost 85 percent of health apps approved by the U.S. Food and Drug Administration failed to sufficiently address at least two of the top 10 risks identified by the Open Web Application Security Project.
To protect users' data — and, by extension, their company's brand — makers of all sorts of fitness and health technologies must follow design and development best practices. The following four mistakes are those we see most commonly from fitness and health brands:
I know what you're thinking, but don't you dare skip it. A large, well-run beta session provides invaluable user experience feedback and quality assurance testing, saving time and money in the long run. McKinsey & Company found huge disparities between the assumptions made by many digital health companies and the actual wants and needs of their users.
Still worried about breaking the bank with your beta? Try a beta-testing platform like TestFlight, which is recommended by the App Store for installing mobile apps and testing them over the air. TestFlight can help you gain feedback from as many as 10,000 remote users.
Did you know that the average fitness app needs more than 80 hours of testing before it's ready to release? It's tempting to run all those tests in simulated environments, to be sure, but there's a good reason to give your software a test run on real devices.
An emulated device won't unearth every bug that might be lurking in your app, and it might even show some that aren't actually there. So bite the bullet and buy or borrow the 15 or 20 devices most likely to be running your software.
Why limit your real-world testing to the most common 15 or 20 devices? Because you can't hope to support every device and system under the sun. Instead of blowing your budget trying to achieve the impossible, be selective.
Take popular fitness app Strava, for example. The app's creators have discontinued updates for the iPhone 4s and older devices running iOS, as well as Android systems older than version 4.3.0.
Especially on Android, don't try to keep pace with OEM updates or hardware releases. The Android market is big, and not all manufacturers update devices regularly. Check the Android market share website, and use hard data to decide which devices to support. When in doubt, support everything made within the past year.
You could get away with doing your work the night before it was due in college, but that's not so in the world of app design and development. Delays will happen, and users and investors won't be impressed. Submit your app for approval at least two weeks before its planned launch date, especially if you have launch-day press activities planned.
Why two weeks? Because the App Store's review process, in particular, is infamous for its surprises. Around 25 percent of submitted apps are turned down for being incomplete, with design and performance issues accounting for 12 and 10 percent of turn-downs, respectively. If your app includes a login, make sure to include credentials for the demo account. Also, be sure your service is up and running on the back end.
I can't promise that designing and developing your fitness or health app won't feel like running a marathon. Especially if you're building it in conjunction with an Internet of Things device, you've got a long road in front of you.
You can, however, get a peek at the path ahead by downloading our free mobile app design and development guide. Then, if you're still struggling to get your app in shape, reach out for some one-on-one help.