What we do
We security assess the app’s functionality and how it interacts with both the mobile device and the remote web services it needs to retrieve information.
With our deep knowledge and understanding of iOS and Android native mobile app security, we look for security issues associated with data privacy, communications between the app and the web servers, and any vulnerabilities in the actual web services that could lead to unauthorised access to sensitive information.
The most common vulnerabilities found in mobile apps are tested for, in line with OWASP’s Mobile risks:
- Sensitive data leaks
- Hard-coded passwords/keys
- Client-side injection
- Lack of binary detection
- Insecure transmission of data
- Insecure data storage
- Poor authentication and authorisation
- Improper session handling
- Why financial services need penetration testing in 2020 - It’s that time of year again, where we try to shed the festive pounds and look to the year ahead.
- How to avoid ransomware in financial services - Travelex’s ransomware attack is an all too familiar story. An organization - large or small - falls victim to cybercriminals
- Collaboration is the Key to a Successful Penetration Test - Trusting your penetration testers will give you the best value from your security test. Work with your pen testers and