Mobile applications introduce some unique security challenges.
Penetration testing for mobile apps must therefore identify vulnerabilities unique to applications developed for mobile devices. We examine the various interfaces between the user and the mobile application, and the application components themselves.
The objective is to assess the security of the data in transit and at rest, to determine the potential for an attacker to manipulate the mobile application through client or server side interaction.
The assessment is performed both as a registered user and as an anonymous user. This type of testing has a high manual component (80%), and test consultants build custom test cases to discover contextual security vulnerabilities specific to the application.
Good mobile application penetration testing requires a thorough and deep understanding of the application.
Our team examines the actual application for both iOS and Android, along with user guides and manuals, and, where required, will review them with the development team.
If the source code of the application is available, we perform a source code review to identify any security issues within the code.
If the source code is not available for review, we begin the test with a reverse engineering exercise to uncover any issues with key areas of the software, such as input validation or authentication.
Mobile applications typically store data locally. Access to this data may allow an attacker to bypass certain security mechanisms in the application.
We recover and analyse any files used by the app to uncover any identifiable sensitive information.
Mobile applications connect to the back-end server to manage authentication, access control and other security measures.
In order to analyse the network communications in detail we set up a proxy between the mobile application and the back-end server.
We then combine automated tools and manual testing techniques to achieve an in-depth investigation of the application.
A detailed report is prepared, providing the results of the tests. Each identified vulnerability is included with a description, risk rating, enumeration and vulnerability details, and any relevant identifiers such as CVE-ID, Bugtraq-ID, etc. Most importantly, we provide clear recommendations for mitigation.
We'll schedule a preliminary phone call to learn about your challenges
You'll outline your needs and highlight any relevant applications in a scoping questionnaire
We'll review the results and send a detailed proposal outlining the service and pricing
You'll let us know when to proceed
We'll schedule a convenient start date and begin gathering the required technical information in advance
Yes, there is code on the client device that can be exposed to attacks in many ways. Mobile device users may be able to download insecure apps that share the client device with your application.
Your mobile application will be potentially exposed to ‘jailbroken’ or rooted mobile devices (compromised or hacked mobile devices), which may allow hackers to reverse engineer source code and/or access local sensitive data stored by your application.
Your mobile application resides on a device outside your secure infrastructure – the user's handset or tablet. This means that you have little or no control of that device and other applications that run alongside your application.
Based on our experience of testing hundreds of mobile applications, we have seen a high incidence of issues related to mobile application client security, including insecure local data storage and hardcoded passwords.
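As an added example, not code from the original page or from the testing team, the following script illustrates the kind of check applied to files recovered from an app's local storage and to decompiled source: it flags plaintext credentials in an Android SharedPreferences file and string literals assigned to secret-like identifiers. The sample preferences file and source lines are constructed for the example and do not come from any real application.

```python
import re
from xml.etree import ElementTree as ET

# Constructed sample of an Android SharedPreferences file as it might be recovered
# from an app's private data directory (hypothetical content, not from a real app).
SAMPLE_PREFS = """<?xml version='1.0' encoding='utf-8' standalone='yes' ?>
<map>
    <string name="username">alice</string>
    <string name="password">Summer2023!</string>
    <string name="api_token">eyJhbGciOiJIUzI1NiJ9.e30.c2ln</string>
    <boolean name="remember_me" value="true" />
    <string name="theme">dark</string>
</map>"""

# Constructed sample of decompiled source lines (hypothetical, not a real app).
SAMPLE_SOURCE = """String apiKey = "EXAMPLE_KEY_NOT_REAL_0000";
private static final String DEFAULT_PASSWORD = "changeme";
String theme = "dark";
"""

# Key names that usually mean a credential or secret is sitting in plaintext.
SENSITIVE_KEY = re.compile(r"pass(word|wd)?|secret|token|api[_-]?key|private[_-]?key", re.I)
# Three base64url segments starting with 'eyJ' is the shape of a JWT.
JWT_VALUE = re.compile(r"^eyJ[\w-]+\.[\w-]+\.[\w-]+$")
# An identifier containing a secret-like word assigned a quoted literal of 4+ chars.
HARDCODED = re.compile(
    r"""(\w*(?:pass(?:word|wd)?|secret|api[_-]?key|token)\w*)\s*[=:]\s*["']([^"']{4,})["']""", re.I)

def scan_shared_prefs(xml_text):
    """Return (key, reason) pairs for entries that look like plaintext secrets."""
    findings = []
    for node in ET.fromstring(xml_text):
        name = node.get("name", "")
        value = (node.text or node.get("value") or "").strip()
        if not value:
            continue
        if SENSITIVE_KEY.search(name):
            findings.append((name, "secret-like key stored in plaintext"))
        elif JWT_VALUE.match(value):
            findings.append((name, "value has the shape of a JWT"))
    return findings

def scan_hardcoded(source_text):
    """Return (line_number, identifier) for string literals assigned to secret-like names."""
    return [(n, m.group(1)) for n, line in enumerate(source_text.splitlines(), 1)
            if (m := HARDCODED.search(line))]

if __name__ == "__main__":
    for key, reason in scan_shared_prefs(SAMPLE_PREFS):
        print(f"prefs: {key}: {reason}")
    for line_no, ident in scan_hardcoded(SAMPLE_SOURCE):
        print(f"source line {line_no}: hardcoded value assigned to {ident}")
```

Findings of this kind are reported as insecure local storage or hardcoded credentials; the mitigation is to keep secrets out of the client (server-side issuance of short-lived tokens) and to protect what must remain local with the platform keystore.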
We have also observed a high incidence of authentication and authorisation issues, where security controls implemented at the mobile client are easily bypassed to access privileged functions on the back-end application.
Reverse engineering is performed to bypass SSL pinning, to extract cryptographic keys, to bypass authorisation logic embedded in the mobile app, and to check whether obfuscation techniques are adequate.
This technique is also used to prove the possibility of exploitation, or in conjunction with a social engineering test.
Bespoke security testing
Our Security Testing Programmes help clients identify and mitigate against the vulnerabilities within their infrastructure, processes and people. We design and conduct rigorous investigative engagements that locate and fortify weaknesses within technology, code and human behaviour.
We offer a broad range of standalone and managed security testing services, as part of both point-in-time projects and ongoing, integrated programmes.