Information Security Testing For Mobile Applications

( Industrial Development Bureau, Ministry of Economic Affairs/Financial Supervisory Commission)

Competitive advantages of our service

TAF accreditation laboratory

The first laboratory in Taiwan, which has passed ISO/IEC 17025:2017 laboratory accreditation.

High efficiency of testing

We provide the test result within 7 working days.

Consultation of expertise

For those vulnerabilities and weaknesses, we provide consultation and advice to help you pass the testing more quickly.

Extensive testing/guidance experiences

We have tested more than 2500 applications. Our customers come from fields of insurance, finance, banking, telecommunication, aviation, military, hospital, education, government, E-commerce and games.

Testing content

1. Basic Information Security Testing Benchmarks for Mobile Applications V3.2

Mobile applications are divided into three categories according to their functions:

L1:
Mobile applications that do not require user authentication. There are 23 items to be tested.
L2:
Mobile applications that require user authentication. There are 29 items to be tested.
L3:
Mobile applications that contain transaction behaviors. There are 35 items to be tested.
F :
Mobile applications with higher security requirements that require additional test items. There are 6 items to be tested.

*This picture shows the number of test items for different category of mobile applications.

2. Operation regulations governing mobile applications provided by financial institutions

According to this operation regulation, you can additionally test OWASP Mobile Top 10 and OWASP Checklist L2.

Q&A

1. Estimated time of getting qualified
  • Our laboratory hand in the test report within 7 working days every time. Hence, the key reasons for getting qualified are the days and times of your application to be adjusted. Besides, 14 working days should be added in the estimated time for the alliance to examine the test report in the final session.
2. Procedure to apply for qualification certificate and MAS seal:
  • You can see more detailed information on Official Website of Mobile Application Security Alliance >> Go now