Codified Security’s automated mobile app security testing platform tests mobile apps for PCI app security vulnerabilities.
Codified Security’s rules engine recognises the Payment Card Industry Data Security Standard 3.2 (PCI-DSS). This gives you a transparent way to understand the compliance of your mobile apps and data privacy risks.
Codified Security helps to fulfil testing obligations and secure mobile apps against the security framework of PCI-DSS. We offer certification for your mobile app’s compliance with PCI-DSS 3.2.
The rules that are applied to each mobile app are customisable according to the risk policies in use at your company. This makes it possible to change the risk level or ignore individual rules according to the particular requirements of a mobile app.
At Codified Security we view PCI app security as key to helping mobile developers at financial companies and institutions understand and improve app security, all users are able to choose to test their mobile apps for PCI app security.
For a mobile app to be compliant with PCI-DSS there are a number of requirements that Codified Security’s static rules engine covers:
- Identifying and mitigating vulnerabilities in custom and third- party code (Requirements 6.1, 6.2, 6.3, 6.4, 6.6)
- Performing code reviews by an independent organisation knowledgeable in secure coding practices (Requirement 6.3.2)
- Training developers in secure coding techniques (Requirement 6.5)
- Regularly testing systems and processes (Requirement 11.3)
- Maintain an information security policy (Requirement 12)
No false positives
Other mobile app security testing products generate high false positives rates, we use manual analysis to stop you chasing after false positives and we guarantee you a report within 1 business day of upload.
Keep your source code secure
We test the mobile app binary so there’s no need to share your source code.
Reports that show you each problem
Our reports on your mobile app’s security vulnerabilities give you remediation advice and show the exact file and line of code where the problem was found.