Description
Mobile Applications use certificate pinning to prevent MitM attacks on apps and Open WiFi.
Mobile applications have protections for the binaries that users can download.
Mobile apps preferably store information encrypted and containerised.
Sensitive information must be stored server-side unless specifically needed for functioning of the application.
Specification
-
ISO 27001 & 27002:2022
8.1,
A5.8,
A8.25,
A8.26,
A8.27,
A8.28,
A8.29,
A8.31,
A8.30,
A8.32
SURF toetsingskader informatiebeveiliging (NBA-volwassenheidsmodel)
SD.01 Methodology for secure development and implementation of software