iForensics: App Security Testing (Ministry of Digital Affairs / Financial Supervisory Commission)
(Ministry of Digital Affairs / Financial Supervisory Commission)
Service Advantages
TAF-Accredited Laboratory
The first App testing laboratory in the country accredited under TAF ISO/IEC 17025, consecutively recognized as an “Excellent Testing Laboratory” for five years
Fast Testing Process
Test results are provided within 7 working days
Professional Consultation Services
We offer consultation and recommendations to address vulnerabilities and deficiencies, helping clients pass the security assessment efficiently
Extensive Testing Experience
We have tested over 2,500 applications, serving clients across industries including life insurance, finance, banking, telecommunications, aviation, military, healthcare, education, government, e-commerce, and gaming
Service Overview
We provide professional and comprehensive security testing services tailored to the security needs of mobile applications. Our assessments are based on international standards such as the Basic Information Security Testing Benchmarks for Mobile Applications, OWASP Checklist, and OWASP Mobile Top 10. We conduct in-depth evaluations of application vulnerabilities, data security, and permission management to ensure that the tested mobile applications meet the latest information security standards.
As a TAF-accredited professional testing institution, our laboratory has been recognized as an Outstanding Laboratory for four consecutive years, demonstrating our expertise and credibility in the cybersecurity field. We understand the critical role that App security plays in brand reputation and business operations. Therefore, we perform every test with rigor and precision, striving to provide reliable security assessment services while continuously earning the trust and recognition of regulatory authorities.
Testing Scope
1. Basic Information Security Testing Benchmarks for Mobile Applications V4.0
The Basic Information Security Testing Benchmarks for Mobile Applications define
security
requirements based on application functionality. Mobile applications are classified into
three
levels, along with an additional security category for higher security needs:
L1: Mobile applications that do not require user authentication (25 test items).
L2: Mobile applications that require user authentication (31 test items).
L3: Mobile applications that involve transaction activities (39 test items).
F: Mobile applications with higher security requirements, requiring additional testing
(9
test
items).
*The diagram above illustrates the number of test items required for each category of mobile applications.
2. Operation Regulations for Mobile Applications Provided by Financial Institutions
In accordance with these regulations, additional security tests for OWASP Mobile Top 10 and OWASP Checklist L2 can be conducted.
International Certifications
Dual Assurance in Laboratories and Information Security
ISO / IEC 17025:
Global accreditation for testing and calibration laboratories, validating iForensics
Digital
Inc.'s forensic laboratory for its excellence in technical precision and management
standards, ensuring clients receive accurate and reliable inspection report.
ISO / IEC 27001:
International certification for Information Security Management Systems, ensuring
high
security and confidentiality in data processing and storage.
App Security Testing FAQs
Our laboratory hand in the test report within 7 working days every time. Hence, the key reasons for getting qualified are the days and times of your application to be adjusted. Besides, 14 working days should be added in the estimated time for the alliance to examine the test report in the final session.
Please complete the authorization letter, questionnaire, and submit the testing files (IPA / APK).
Our laboratory delivers the testing report within 7 business days after each assessment. Therefore, the overall certification timeline mainly depends on the number of revisions and the time required for each App modification. After all issues have been resolved, please allow an additional 7–14 business days for alliance review and the application of the MAS Mark and certificate.
According to the certificate and mark approved by the Mobile Application Security Alliance, the validity period is one year.
Pricing varies based on the testing category and customization requirements. If you have App testing needs, please leave a message via our official website. Our team will contact you as soon as possible to provide further details and assistance.
