Certified Security for Mobile Applications

According to BITKOM, nearly 80 percent of the Germans have a smartphone and download diverse apps onto it. However, this can lead to incredible gaps in security. As part of the collaborative research project ZertApps, Fraunhofer SIT develops a platform enabling app creators to have product
security certified by an independent body. Certificates are issued based on compliance with generally accepted technical and organizational criteria and results from static and dynamic code analysis. The ZertApps platform informs companies about certificates issued and with this makes it possible to choose secure apps. Besides, app creators will be assisted in closing security gaps.

Purpose and Solution

The purpose of ZertApps is to develop an analysis and certification platform for apps that can be used to thoroughly analyze apps before they are released for public use. To make this certifi cation affordable for developers, it is as automated as possible. Where necessary a security expert also has a look at the app code. What is decisive for each app’s security is the depth of testing taking place during the analysis process as well as the secure creation and administration of certificates to prevent counterfeiting.

Project ZertApp is terminated.