Solution: AppCheck-Service: Examination and Evaluation of Apps
AppCheck-Service: Examination and Evaluation of Apps
In which region do you need this solution?
Data protection analysis
TÜV AUSTRIA CERT GMBH
Review and assessment of apps
Few companies have integrated their mobile end devices into a comprehensive and effective IT security architecture, despite the fact that the number of malware programs developed specifically for smartphones and tablet PCs is rapidly increasing.
Permanent internet connectivity, geolocation and the increasing amount of confidential data make mobile end devices the ideal springboard for successful data and know-how theft.
In addition to the functionality of new devices and applications, the security of the data used on them must also be considered. On the one hand, the focus is on securing the infrastructure; on the other hand, the security level is shifting more to the data, application and information level. Attempts to prevent the installation of apps centrally by securing the infrastructure or bans usually fail. That is why every company should have apps security-checked before they are used. The AppCheck service offers an approach for improving mobile security.
With this service, we test apps using neutral test criteria and evaluate them. The test criteria are based on current standards and best practices of TÜV AUSTRIA. The central element of the service is a testing framework that uses a threat model to model all relevant threats for and through apps on a mobile device. These can be, for example, unauthorised access to the address book, unencrypted transmission of geo-data to the operator or also the unencrypted communication of apps with systems on the Internet.