citiususc / calendula

An Android assistant for personal medication management
https://citius.usc.es/calendula/
GNU General Public License v3.0

Proposal to enhance the security measures of calendula app #119

Closed jubreal closed 6 years ago

jubreal commented 6 years ago

Components

The calendula app is a personal medication assistant app that helps users keep track of and effectively manage their prescriptions and drug use without going through the mental stress of trying to keep it in mind or setting multiple alarms or reminders so as not to miss medications. As good as the application is, I noticed an important feature that is missing in the privacy settings of the app, which is responsible for protecting the privacy of the users' information stored in the app.

Proposal

I am proposing that the app request input of the current pin in use whenever users are trying to modify, delete or deactivate the pin or fingerprint that is currently functioning and being used by the user. And also, the app should request the pin/fingerprint whenever a user is trying to access it, even if the app was only minimized after the last use and not totally stopped from running in the background, as users most times forget to totally shut down an app when they are through using it. While using the app, I found out one of my friends brought up a discussion about my health/medication issue which I have stored in my calendula app, which I believed was really secure because my pin and fingerprint security was set up. But unknown to me, the app does not require a pin or fingerprint authentication before it can be accessed if it was only minimized and never totally closed or shut down. This was how my confidential info got out. Unfortunately, it didn’t stop there, as I later found out that my login authentications, which include my pin and fingerprint previously set up for the app, had been successfully deactivated without my input. This really exposed me to a lot of risk, which will be discussed further in the benefits section.

Mockups / Examples

This is an image showing how the current security measure can be easily manipulated by modifying and deleting without any form of confirmation from the user. This image shows how the modify feature currently looks (Screenshot_20180518-130126.png).

After clicking on modify, you are taken straight to this page, where you are able to enter an entirely new pin without having knowledge of the current one (Screenshot_20180518-140931.png).

Here is an image showing how the pin can be deleted easily without any form of confirmation that you are the true user (Screenshot_20180518-130139.png).

Here is how the security measure can be improved, which will ensure only authorized users can make security modifications. When the modify button or delete button is clicked, this window will pop up to ensure the user is authorized to do so by demanding the current pin (PicsArt_05-18-02.18.50.png). If the pin is entered correctly, here is how the app will look when the pin is deactivated or deleted (Screenshot_20180518-130150.png).

If the pin is entered correctly, then this window will pop up to change to a new pin (Screenshot_20180518-140931.png).

Benefits

The importance of security can never be overemphasized, so if this proposal is implemented the benefits are many, part of which are listed below:

- If authentication is requested every time users try to access the app (even if the app was only minimized after the last use), this will prevent unauthorized people from getting access to the app and the information contained in it. For instance, currently anybody can access the app if the authorized user only minimized it after the last use and didn’t properly close the app.
- If the app requests the pin before the current security measures (pin and fingerprint) already set up by the authorized user are modified/deactivated, this will be of great benefit, as apart from preventing confidential medical info from getting leaked, it will prevent a total hijacking of the authorized user's account. How, you may ask? The original authorized user can lose control of the login if the intruder decides to delete the original user's security authentication and set up his/her own pin instead, and there is no other way to recover such a password.

Medical information is really confidential, and it's even a crime in most nations if it is disclosed to unauthorized people by medical practitioners, so I believe this proposal should be implemented as soon as possible. Thanks.

AlvaroBrey commented 6 years ago

Hi,

Currently, the app is set to lock up when it is closed, or when it's idle for 5 minutes. We will look into making this configurable.

Apart from that, you're right, we should ask for the current PIN before allowing modification or deletion.
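As an added illustration (not Calendula's own code), here is a plain-Java lock controller for the behaviour described in the proposal and in the reply above: lock as soon as the app is minimised or has been idle for 5 minutes, and refuse to change or remove the PIN unless the current PIN is supplied from an unlocked state. The class name, the salted-hash storage and the lifecycle hook named in the comments are assumptions; fingerprint unlock is left out.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.security.SecureRandom;

// Hypothetical lock controller (not Calendula's code) for the policy in this thread: lock when
// the app leaves the foreground or idles 5 minutes; modify/remove the PIN only with the current one.
public final class PinLock {
    private static final long IDLE_LIMIT_MS = 5 * 60 * 1000L; // idle limit from the reply above
    private byte[] salt, pinHash; // null when no PIN is set; salted SHA-256 keeps the demo short
    private boolean locked; private long lastActiveMs;
    public PinLock(String initialPin, long nowMs) { setPin(initialPin); lastActiveMs = nowMs; }

    private static byte[] hash(byte[] salt, String pin) {
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-256");
            md.update(salt);
            return md.digest(pin.getBytes(StandardCharsets.UTF_8));
        } catch (NoSuchAlgorithmException e) { throw new IllegalStateException(e); }
    }
    private void setPin(String pin) {
        salt = new byte[16];
        new SecureRandom().nextBytes(salt); // on a real device prefer a keystore-bound check or KDF
        pinHash = hash(salt, pin);
    }
    // Constant-time comparison so a wrong guess cannot be told apart by timing.
    private boolean matches(String pin) {
        return pinHash != null && MessageDigest.isEqual(pinHash, hash(salt, pin));
    }
    // Wire to ActivityLifecycleCallbacks.onActivityStopped: minimising counts as leaving.
    public void onBackground() { if (pinHash != null) locked = true; }
    // Every screen asks this before showing data; idling locks even if the app stayed open.
    public boolean isLocked(long nowMs) {
        if (pinHash != null && nowMs - lastActiveMs > IDLE_LIMIT_MS) locked = true;
        return locked;
    }
    public void touch(long nowMs) { if (!isLocked(nowMs)) lastActiveMs = nowMs; } // user activity
    public boolean unlock(String pin, long nowMs) {
        if (!matches(pin)) return false;
        locked = false; lastActiveMs = nowMs; return true;
    }
    // Modify or delete only with the current PIN, never from a locked state.
    public boolean changePin(String currentPin, String newPin, long nowMs) {
        if (isLocked(nowMs) || !matches(currentPin)) return false;
        setPin(newPin); lastActiveMs = nowMs; return true;
    }
    public boolean removePin(String currentPin, long nowMs) {
        if (isLocked(nowMs) || !matches(currentPin)) return false;
        salt = null; pinHash = null; locked = false; return true;
    }
}
```

Call `onBackground()` from the lifecycle hook and `touch()` on user interaction; with this arrangement a minimised app comes back locked, and the settings screen cannot reach `changePin`/`removePin` without the current PIN.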

AlvaroBrey commented 6 years ago

The issues and enhancements above have been addressed in the latest release (v2.5.6). Cheers!