If you have your own app implemented externally, you should define platform-specific measures for the implementation partner exactly for the app development. This includes which iOS and Android specific measures and configurations should be used to implement the App security concept and corresponding mechanisms. We help you with the appropriate specification of the necessary measures specifically for the iOS and Android App platform.

A central component of an analysis of a security architecture are the product- or service-specific App security requirements. These form the expectation horizon for the investigations and the final evaluation. In addition, the attack surface of the App and its components is identified. Defects in the general concept, the security requirements and in the detailed specification of specific measures are pointed out and recommendations made in the context of the analysis of the security architecture in order to be able to adequately counter these aspects.

This type of project is focused on your internal development and management and considers the implementation of the App and, if desired, the backend systems involved: The evaluation reports of this project type provide you with everything you need to make informed decisions: documented requirements and assumptions, detailed descriptions of tests and results for your developers, and meaningful summary assessments for your management. Project results are limited to your internal purposes.

In highly competitive markets, a high App security can be the advantage that makes you the market leader. We can perform evaluations that verify the specific security claims of your app as part of a targeted evaluation and help you to respond to your customers' security needs and questions. The project report focuses on the desired security claims and can be passed on to your customers/partners as part of an NDA.

Test certificates and test reports show your customers and the public that you care about the security of your app. Published by an independent laboratory under the renowned Fraunhofer brand, they convey confidence and strengthen your sales potential. Apps can receive a Fraunhofer SIT certificate if they meet all security requirements. The certificate itself can be used for marketing purposes as a differentiator from your competitors.

We spend a lot of time attacking app vulnerabilities by, for example, leveraging encryption, finding implementation flaws, and searching for sensitive, insecurely stored app data. We are happy to share our knowledge with our customers and partners in app developer training courses about what should not be done when developing apps and which well-known, secure building blocks for security relevant app functions should be used instead.