1. Insecure Data Storage
A common practice among the developers is to depend upon the client storage for the data.
2.Poor Authorization and Authentication
Poor or missing authentication allows an adversary to anonymously operate the mobile app or backend server of the mobile app. This is fairly prevalent due to a mobile device’s input form factor.
3.Weak Server Side Controls
Any communication that happens between the app and the user outside the mobile phones happens through a server. This becomes a primary target that gets exploited by the hackers. The precautions you can take to ensure server side security may range from hiring a specialized security expert in-house to simply using a testing tool and taking general precautions.
More information abot it here
Applications to communicate 