Security Mechanisms vs. Application Logic: Conclusions from Mobile App Penetration Tests
Martin Matyja
In our daily work, we often come across mobile applications, primarily for Android and iOS platforms. This article describes an example that demonstrates how popular security mechanisms should not replace essential application logic. During a recent audit, we discovered a security gap that allowed a bypass of the child mode restrictions within a mobile app.
READ article
