Back to Insights

November 18, 2020

Is my app really mine? Five tips for avoiding developer hijacking

Most people get a little nervous when we ask them if their app or web product is 100% theirs before taking over the work. People often realize they are too dependent on their current developer when it’s already too late or looking for a new team.

Is my app really mine? Five tips for avoiding developer hijacking

Before taking on a new project, my job typically involves quite a lot of coaching, be it on how to build an MVP, leverage UX User Studies or Design Thinking, what third-party tools offer scalable solutions, etc. But I also emphasize ownership, IP, and necessary access information, especially when a previous development team has been involved in the project.

In this article, I want to focus on making sure that your app or web product is genuinely yours from the beginning. We will cover:

  1. Intellectual Property (IP)
  2. Source Code
  3. App Stores
  4. 3rd Party Accounts
  5. Documentation

Working with a professional development team is usually a pretty seamless experience. Seasoned developers will have a straightforward process that is typically secure, honest, and transparent. However, there are instances where a developer might hold an app or website hostage. Whether it’s because they do not want to lose the work, they are not a trustworthy team, or because there are disagreements during the project, developers could hold onto your app for numerous reasons.

If and when this happens, it can be disastrous. If a developer has the sole access to your app, it’s not just about not being able to make changes or updates, but you can lose money, customers, or even your entire business. Under another scenario, they could charge your exorbitant fees for providing access or making needed adjustments.

Thankfully, there are steps to take to avoid this situation. You want to make sure from the beginning that you are in total control of your app. So when you begin working with a developer, here are five crucial points to keep in mind.

1. Make sure all intellectual property is legally yours

Before working with a development company, ensure that all intellectual property (IP) will be legally yours, including source code. You will want to have legal documentation of all patents, trademarks, copyrights, and then decide which IP you will disclose to the developers.

Along with ensuring proper legal documentation of all IP, the development team should sign a non-disclosure agreement (NDA) and a software development contract. Often, IP is tied to payment. A developer will need to protect themselves from clients who do not want to pay, so a fair agreement is payment in exchange for intellectual property. The agreement should explicitly outline ownership over all intellectual property created during the project, along with requirements from both parties. By putting these measures in place before the project begins, you can ensure legal ownership of all intellectual property created during the contract.

2. Have admin access to your code

Just like having legal ownership of your IP, it’s essential to have admin access to a repository with the updated version of your code. Different repository permission levels give access to features and tasks, and the Admin level allows you to manage the individual team and team access. If the developer only gives you “Read” access, it means you can only view the site (and this is the lowest level of access). The developer may not give you access at all or remove you from the repository in case they want to hold the code away from you.

Before beginning your project or at whatever point you may be, insist on Admin access. GitHub explains more about each level of access and recommendations for who needs what permissions.

3. Own app store access and certificates

It’s important to start with the app store credentials as yours. Doing so can avoid future problems of transferring ownership. If the developer used their accounts to upload the app, it is still possible to transfer the app to you by following these instructions for the Apple app store and these instructions for the Google Play store. And no matter what a developer tells you, it is possible to transfer ownership of an app without losing any features or reviews.

On a related note, don’t forget about app store certificates. These certificates are used for distribution and submission to the app store, so they are sensitive information related to your product. It’s crucial to have Admin access to these certificates to avoid any problems in the future.

4. Maintain a list of all relevant accounts

If a developer is working on your app, it might be easy just to let them do their work and not pay attention to other relevant accounts. However, to avoid any future problems, keep track of all accounts such as Amazon Web Services or other cloud hosting services. Don’t forget about any database management services and third-party services — including anything you use for push notifications, Firebase, Twilio, all analytics, and more. Keep a running list of accounts, passwords, and access information, so you are not locked out of anything.

5. Store any relevant documentation

The developer will likely create a roadmap or guide in the app creation and deployment steps across different environments. Keep all of that information secured internally, especially for when another developer needs to take over the project. Always ask the developer for this information along the way, so you are not left without proper documentation if the relationship sours.

Keeping your app safe

Before beginning a project with a new developer, always research the company or individual thoroughly. Ask for references and speak with past customers to get a good sense of the developer’s communication preferences, past work, and attitude towards clients. It’s essential to choose the right developer who does not have a history of hijacking apps or negative feedback from past clients.

If you have any further questions about this topic, feel free to reach out at hello@qubika.com.

Bohlmann
Elisabeth Bohlmann

By Elisabeth Bohlmann

Managing Director

Elisabeth is Managing Director at Qubika. When she isn't hard at work at Qubika, you can find her performing with her band, or at the park with her two shelter dogs, Coco & Simona.

News and things that inspire us

Receive regular updates about our latest work

Let’s work together

Get in touch with our experts to review your idea or product, and discuss options for the best approach

Get in touch