NowSecure, the leading standards-based mobile app security and privacy software company, announced in partnership with the ioXt Alliance a new NowSecure ioXt Compliance Testing Solution that empowers organisations to rapidly certify their IoT-connected mobile apps and mobile VPNs for the ioXt Mobile Application Profile. Leveraging more than a dozen years of mobile app pen testing and certification experience with unique automated NowSecure testing software, NowSecure is an ioXt authorised lab that provides fast turnaround, high-quality results and collaborative assistance to quickly complete compliance certification.
With over 26 billion Internet of Things (IoT) devices, it is projected to grow to more than 75 billion by 2025, modern life, home and business depend on IoT for convenience, safety and productivity. As the global standard for IoT security, the ioXt Alliance for years has offered security certification for IoT devices. Now, in partnership with NowSecure, Google, Amazon and other leading vendors, the ioXt Alliance has defined a rigorous industry-wide security certification standard for the mobile apps that connect to and manage those IoT devices and mobile VPNs. This will enable vendors and developers of more than 4,500 IoT-connected mobile apps in public app stores to ensure security and protection for their mobile users.
‘We are excited to announce our partnership with the ioXt Alliance and our solution for ioXt Compliance testing’, said NowSecure CEO. ‘The wild west of mobile app security and privacy needs standards to provide consistency and confidence. From OWASP MASVS to NIAP and now ioXt, we are seeing the industry shift towards standards-based specifications and formal compliance certifications for mobile apps. We look forward to helping all IoT and VPN manufacturers ensure the security of their IoT-connected mobile apps and VPNs through a fast, accurate, cost-effective process — raising the bar to ensure the protection of all mobile users.’
A recent benchmark of 140 popular IoT-connected mobile apps and VPNs available in public app stores found 887 security issues with an average number of 6 security issues per app. While the vast majority of apps tested properly secured their credentials, authentication and network communication, security weaknesses were found in data stored on the device, weak encryption and leakage of personally identifiable information (PII).
Also Read: Let the Software Robots Take Over
Mobile app security, privacy and compliance testing are challengingly complex, and fundamentally different from web, network, PC, IoT device and other technologies. NowSecure brings considerable experience as the only ioXt authorised lab that is mobile-first and mobile-only, with more than 12 years of experience. NowSecure leverages advanced automated tools used by expert analysts for speed, accuracy and cost-efficiency. More than simply generating test reports, NowSecure collaborates with developers to ensure fast remediation of any issues for fast certification. Finally, NowSecure provides an easy transition from one-time testing to deploying automated continuous ioXt compliance and continuous mobile app security testing for more complete coverage throughout the lifecycle.
‘As the mobile app industry continues to grow, security has become increasingly important to all stakeholders and end-users’, said Brad Ree, CTO of the ioXt Alliance. ‘The partnership with NowSecure will help us verify that security standards are met for mobile apps and VPNs in line with the Mobile Application Profile, which will ensure security transparency and better digital safety for all users.’
As the proliferation of mobile apps continues to grow, standards-based industry testing and certification are critical for consistent predictability, safety and governance. Standards dramatically improve mobile app development and security team alignment and collaboration, which in turn improves quality and speeds release times for mobile app creators. The NowSecure ioXt Compliance Solution extends the company’s suite of standards-based compliance and certification solutions including NIAP, OWASP MASVS, GDPR, CCPA, FFIEC, FISMA, HIPAA, GDPR and numerous industry regulatory standards.