Before your company considers giving customers new software tools, you have to consider security. Not only are data breaches a costly liability, but they can also be a permanent blow to your reputation. If you've been waiting to see if PWAs are really worth the risk, don't worry. The security concerns are shrinking by the day. Here's how:

1. They don't interact with hardware without the customers' explicit permission.

Traditional apps can interact with mobile users' hardware just like older software installations. That's both a large security concern for end users and a liability for the app creators. But PWAs float above the need for hardware interaction. Far from being a full app or program, they're a tool that lets the device's account interact more personally with the general site.

2. More cross-OS integration means fewer problems.

Google may have all but started the concept of PWAs but Apple has adopted their use, too. That means PWAs can be used (and used fully) across different operating systems. Primarily, that means fewer security gaps. Some of the worst data security disasters occur when companies don't adequately account for the differences between systems and leave their customers vulnerable to attack.'

But cross-OS integration also means customers have more reason to invest time and energy in implementing great PWAs. They don't have to spend time investing in a getting approval for software projects that only impact Chromebook or Android users. Instead, every PWA is accessible to the vast majority of customers.  

3. Chrome 70 makes it easier for end-users to enable the security they want.

Chrome 69 offered a lot of automation and convenience. But some users argued that it went too far and automatically permitted settings that could be dangerous. The browser could automatically set to Google accounts, remember information and offer it back, and open doors that previous browsers locked with a verification step or two. 

That made a lot of people leery about PWAs, which also operate on convenience and remembering what users want.

But Chrome 70 took steps to solve the problem. Now users can better customize their security settings. Users take a more active role in deciding what information and accessibility they want and which security measures they want to breeze through. That means fewer people are afraid to trust their information in the browser.

4. It's harder to hide surprises in the code.

Most software projects involve pulling from an open source code library or online resources. Whether you're uploading a web design template from an unverified source or adding a snippet of code from a forum, it's hard to trust that you're getting exactly — and only — what you wanted.

Tools like PWAs are no exception. While the baseline code can be pulled from reputable sources, especially if you're starting with Google's business resources, you need an absolute guarantee that the code is safe before you expose your users to it. But PWAs are safer than other similar interfaces for three reasons:

1. Google's resources are safe if you just need the basics.
2. An expert third-party service can customize your PWA to be precisely what you need with no surprises.
3. PWAs are too short for unfriendly code snippets and viruses to work their way inside.

The third point is all but unique to PWAs. There are just a few elements in the entire app, and most of them just reference your already existing site. There's simply no room for unpleasant surprises to hide in. If you're familiar with what the code should look like, even a quick manual read through can give you peace of mind.