TrustBankCBS Mobile Apps Obtains "Mobile Application Security (Safe to Host)" Certification.
We are pleased to announce that, we have successfully cleared IS & VAPT Audit and have achieved "Mobile Application Security (Safe to Host)" certificate for TrustBankCBS Mobile apps i.e. Mobile Banking, Mobile Passbook And Agency Banking.
Excited with this achievement, Technical Director Mr. Mandar Deo Said “This Certification is in line with our policy to implement all Safeguards to Protect Sensitive and Confidential Data of the Users against Cyber Attacks and malicious hackers. We continuously strive to provide Self Service Experience to Customer with Safe & Secured Mobile Application.”
The Mobile Apps were subjected to rigorous security testing by Experienced IS & Certified CISA Auditors of “Suma Soft Pvt. Ltd.” as per guidelines provided by OWASP-MSTG. The Mobile App APK along with Mobile Security Project was tested for OWASP Mobile Top Ten 2016 and Web Application OWASP Top Ten 2017 vulnerabilities. The APK is found free from the tested known vulnerabilities and Safe for Hosting.
The following testing aspects are considered while testing:
- Mobile platform internals Mobile Application Security Verification Standard (MASVS).
- Static and Dynamic security testing
- Mobile app reverse engineering and tampering
- Assessing software protections
The OWASP top 10 Mobile Risks and Threats checked are:
- M1- Weak Server Side Controls
- M2- Insecure Data Storage
- M3- Insufficient Transport Layer Protection
- M4- Unintended Data Leakage
- M5- Poor Authorization and Authentication
- M6- Broken Cryptography
- M7- Client Side Injection
- M8- Security Decisions via Untrusted Inputs
- M9- Improper Session Handling
- M10- Lack of Binary Protections