Do you have any way to tell if any free users actually entered their AWS keys into your app? There is a much higher level of trust needed for your app over the average mobile app. To actually use it with production data when I'd never heard of you before, I'd probably generate a honey pot set of keys and check if they leaked, and other tests before I could trust it with real keys. Security apps are really tricky to bootstrap.
The keys are staying on the device, so I have no way to check if people actually entered them. I'm also not running any analytics.
I mean, I just guess that if people weren't using the app, they would uninstall it eventually?
I've had a retention rate of 60% which I thought was pretty good and made the think that people actually use the app.
That being said, I completely understand the trust issue you mention. It's even worse for the online version of the same service, iamproxy.com
Do you have a suggestion how I can improve the trust?
