Mobile apps are fraught with various security risks on the mobile device itself, on the one hand, and on the back-end infrastructure, on the other hand.
Moreover, mobile apps are often created for various end devices, sometimes even those based on different frameworks, so the individual versions can be significantly different. All such versions mostly access the same back-end; here, particularly, the back-end server and apps as well as the authorization matrix can show vulnerabilities.
We test mobile apps on iOS and Android platforms.
The following main checkpoints are relevant in this case:
- Safe backup of confidential data
- Secure communication: confidentiality
- Secure communication: integrity
- Authorization matrix and secure implementation
- Operating system layer back-end server
- Application layer back-end server
The checks are in line with the OWASP Mobile Security Top 10.
After the test, you get a detailed report on individual checkpoints, vulnerabilities, if any, and a solution approach for their mitigation. The report also includes a management summary.
In case you have questions or if you would like to receive an offer for a security check of your mobile app, please do not hesitate to contact us.