NOWSECURE UNVEILS FIRST AUTOMATED OWASP MASVS V2.1 MOBILE APP SECURITY AND NEW PRIVACY TESTING

NowSecure MARI is the industry’s first simple risk score based on millions of assessments that identifies third-party apps vulnerable to PII and IP exfiltration, supply-chain and MiTM attacks and sensitive data theft.

MARI Datasheet featured image 768X480
NowSecure Launches Mobile App Risk Intelligence Solution to Combat Threats to Customer and Employee Security, Safety and Privacy NowSecure Launches Mobile App Risk Intelligence Solution to Combat Threats to Customer and Employee Security, Safety and Privacy Show More
magnifying glass icon

NowSecure ADA MASA

Android developers can drive more downloads and demonstrate safeguarding trust with an Independent Security Review in their Google Play™ Data safety section.

Get A Review Fast

NowSecure partnered with the App Defense Alliance (ADA), the Joint Development Foundation with Google, Meta, and Microsoft under the Linux Foundation family to build the Mobile Application Security Assessment (MASA) and can complete the MASA validation as an ADA Authorized Lab.

Validate Mobile App Security and Privacy for Google Play™

Google Play hosts nearly 3.5 million Android mobile apps and counting that have been downloaded by billions of users. To increase transparency and help users make informed choices about the mobile apps they install, Google recently began requiring mobile app developers to disclose how their apps handle user data in the Google Play Data safety section.

Google Play Data Safety Requirements

The Data safety section on the Google Play is a simple way to show what user data the app collects or shares and showcase key privacy and security practices. This section is designed to help users make more informed decisions about which apps to install. As of July 20, 2022, all mobile app developers who submit new mobile apps or update existing mobile apps must declare how they collect, share, and secure data. After August 22, 2022, non-compliant apps may face additional enforcement actions like the removal of the app store listing from Google Play.

ADA MASA Independent Security Review

Google Play Data safety helps users decide which apps to trust. An optional independent security review enables Android developers to drive more downloads by reassuring users that their app meets an industry standard of security best practices. That independent review comes in the way of the App Defense Alliance (ADA) Mobile Application Security Assessment (MASA) which must be completed by an ADA Authorized Lab. The independent security review badge gives users confidence that apps have been validated by independent experts to be safe and secure.

The ADA MASA Framework

The ADA MASA is based on the Open Web Application Security Project (OWASP) Mobile Application Security Verification Standard (MASVS), a globally recognized standard for mobile application security. MASVS provides a set of baseline security criteria for developers. The first level, L1, outlines the basic security practices that all mobile apps should undergo. Experts from ADA Authorized Labs like NowSecure use the objective testing procedures outlined by the OWASP Mobile Security Testing Guide (MASTG) to evaluate Android apps against a set of MASVS L1 requirements that include Data Storage and Privacy, Cryptography, Authentication and Session Management, Network Communication, Platform Interaction, Code Quality and Build Settings

Benefits of ADA MASA Validation

ADA MASA validation benefits mobile app owners, developers, security analysts and users alike. Performing regular mobile app security testing helps developers identify and remediate key vulnerabilities, reduce risk and mitigate future liability. An ADA MASA independent security review demonstrates the app’s commitment to security and privacy, which in turn increases user trust and downloads. As an ADA Authorized Lab, NowSecure can guide you through the MASA certification to apply the highly desired independent security review badge to your app’s Data safety information. Our team will partner with you to assess your mobile app, deliver a detailed report and help developers fix any issues that are found, and process a retest so you can publish and benefit immediately. The independent security review MASA validation helps you gain user trust and drive more Google Play downloads.

The NowSecure Difference

As an ADA Authorized Lab, NowSecure is here to guide you through the ADA MASA validation and get the highly desired independent security review badge applied to your Android app! NowSecure is the recognized expert in mobile app security testing, and with a comprehensive suite of automated mobile app security and privacy testing solutions, and penetration testing and training services, NowSecure is perfect for all your mobile application security testing needs.

Access to Unlimited Automated Testing

NowSecure is the ONLY ADA Authorized Lab offering free automated security testing software for one full year. This enables your development and security teams to find and fix potential ADA MASA issues before your next submission, so you retain the Independent Security Review badge on your Google Play store listing.

Fast, Free Smoke Test

NowSecure is offering a free “smoke test” review for your Android mobile app to see if there are any issues to address before submitting for validation. This comes with guidance on which issues must be remediated, and will help get the MASA Validation ball rolling.

Official App Defense Alliance Partner

NowSecure is the only mobile-first, mobile-only member of the App Defense Alliance that can perform ADA MASA Validation. As an Authorized Lab, NowSecure brings more than twelve years of experience in pen testing and compliance, deep roots in OWASP and standards-based testing, and offers a collaborative approach with your developers to ensure fast remediation of any issues for fast certification.

OWASP MASVS Supporter

The OWASP MASVS is the basis for the ADA MASA requirements. NowSecure is an OWASP MASVS active contributor, OWASP God Mode sponsor and recognized with the OWASP MSTG Advocate – the basis of ADA MASA.

For mobile applications that are looking for even deeper security analysis, NowSecure extended Penetration Testing Services to offer an OWASP MASVS Pen Test and for compliance and incorporates OWASP MASVS findings into NowSecure Platform software for automated mobile application security testing.

case-study-rectangle

CASE STUDY

quote-yellow
“App Defense Alliance (ADA) Mobile Application Security Assessment (MASA) validations are important because they give customers peace of mind.”

Aldo Salas

Application Security Lead, HYPR

Drive More Google Play Downloads

Get an Independent Security Review Badge with ADA MASA Validation