As we seen in Chapter 2, Security in Android Applications, there are ways to communicate between Android apps as they cannot share data due to Application sandboxing. This communication raises security challenges that should not be overlooked.
When using Intents, there are two kinds of vulnerabilities: unauthorized Intent receipt and Intent spoofing. An unauthorized Intent receipt happens while using an implicit Intent. As the Intent is broadcasted, there is no guarantee that the intended recipient will receive it. A malicious application can declare an implicit Intent by declaring all the possible actions in the intent filter. This kind of interception can lead to DoS and phishing attacks.
The best way to protect against this kind of vulnerability is to be very cautious with implicit Intents.
When possible, and especially while sharing private information, your application...