OWASP M1 to M10
Mobile Top 10 2016-Top 10

M1 - Improper Platform Usage
This category covers misuse of a platform feature or failure to use platform security controls. It might include Android intents, platform permissions, misuse of TouchID, the Keychain, or some other security control that is part of the mobile operating system. There are several ways that mobile apps can experience this risk.

M2 - Insecure Data Storage
This new category is a combination of M2 + M4 from Mobile Top Ten 2014. This covers insecure data storage and unintended data leakage.

M3 - Insecure Communication
This covers poor handshaking, incorrect SSL versions, weak negotiation, cleartext communication of sensitive assets, etc.

M4 - Insecure Authentication
This category captures notions of authenticating the end user or bad session management. This can include:
  - Failing to identify the user at all when that should be required
  - Failure to maintain the user's identity when it is required

We...