Mobile Application security best practices.
These recommendations are a starting point for regulators or application security examiners to perform security assessments
Template For Mobile Application Security Best Practices
The focus here is on general best practices and not specific individual technologies except where explicitly discussed. For this template, we draw on recent works on examining digital financial services applications from the standpoint of the mobile money application space, including the GSMA study on mobile money app security best practices, the ENISA smartphone secure development guidelines, and a mobile payment applications security framework developed by the State Bank of Pakistan.
This template can also be used also as input to an app security policy by DFS Providers.
The template strictly considers the mobile application on the device unless stated otherwise, and subsections describing recommendations deal with various aspects of the operation or underlying policy relating the mobile application. The focus is primarily on Android applications given their large market share, though many recommendations are applicable across mobile operating systems. Privacy is also an important factor to consider, but these recommendations focus on security.
Last updated