The front end of any mobile app is the first interaction a customer has. This is everything the customer sees, including images and content, that leads back to the system behind it.
It is also the door a hacker can open to see how they can exploit this front interface and access the back end. In recent years attacks on apps have become more sophisticated. These are often harder to detect until it is too late.
Chris Blake, Director, and Principal Data Protection & Privacy Consultant, said: “We interrogate the app to find any weaknesses. There are numerous potential vulnerabilities for hackers to see if they can get through to the back end and cause a lot of disruption.
“At Firesand we have a bespoke mobile app testing process. We conduct static and dynamic analysis of apps including analysing permissions and access, identification of components with known vulnerabilities, deep-link analysis, code decompilation, and memory manipulation. We also identify secrets held statically or generated dynamically, as well as regular penetration testing more akin to web application tests.
“There are a host of areas that could be found to be under attack. For example, funds could be directed to different bank accounts, increasing credit limits, personal information collated or malware downloads could be inserted. Mobile local storage also presents an attack surface as well as interactions with other apps or weak encryption, jailbreaking or rooting, and various others.”
Firesand has carried out mobile app penetration testing in European and US gaming sectors as well as banking and other sectors.
If you are a company in the US or European gaming sector contact us to find out how we can keep your business secure.