What are the reasons behind this statement? Why does the use of mobile devices pose sometimes greater risks? How cyber security testing is relevant to your mobile application testing strategy? Matis Reina, the CEO of Abstracta, explains this in the following article.

By Natalie Rodgers

This is a fact. As the IT industry advances by leaps and bounds, it inevitably brings with it security issues, as well as enabling incredible possibilities. All this should be taken in mind when building a mobile application testing strategy.

This was emphasized some time ago by Rohit Ghai, CEO of RSA, at the RSA 2022 Conference in San Francisco: “There will be new technologies, there will be new vulnerabilities. There will be new exploits and, of course, there will be malware that exploits those exploits.”

According to the World Economic Forum’s Global Risks Report 2022, malware increased by 358% in 2020, while ransomware increased by 435%.

Now, where to focus – mobile, desktop, or both at the same level? 

According to the “Digital 2022 Global Overview Report”, published by Data Reportal in collaboration with We Are Social and Hootsuite Global, more than two-thirds of the world’s population was using a cell phone as early as January 2022, which by then translated into 5.31 billion unique users. As you can see, cyber security testing is more and more relevant nowadays. 

Data.ai’s “State of Mobile 2022” report informed that “in 2021, more than $320,000 per minute flowed through app stores, which was an increase of nearly 20% over previous records (2020).” This means that consumers are migrating their attention and wallets to their mobile devices.

In light of all this, Matias Reina, CEO of Abstracta, asserted that, while it is important to ensure cyber security testing at the highest level across all aspects, “it is more relevant to focus on mobile than desktop”, as part of any mobile application testing strategy. According to him, there are several important reasons for such a framework:

✅In mobile apps, especially native ones (which are the ones that produce the best user experience), the code is downloaded and installed on a device. This increases what in security is called an “attack surface”.

✅Mobile devices can be lost or stolen much more easily than computers.

✅We have a lot of sensitive data on our devices that we want to safeguard given the number of sensors that allow us to access it: health data, finances, and more.

“It’s essential to keep in mind that all or the vast majority of applications use a backend of services. That backend must be tested following OWASP standards, in particular the ASVS, and it is not possible to perform an evaluation of the mobile part without considering the backend,” he stressed.

What is OWASP and what methods exist to complete validations according to its security standards? What levels of security exist? Find out everything soon in an article by Matías Reina.

Are you looking for your ideal cyber security testing partner as part of your mobile application testing strategy? Abstracta is one of the most trusted companies in software quality engineering. Contact us to discuss how we can help you grow your business. 

Follow us on Linkedin & Twitter to be part of our community!