Case Studies

Penetration testing of Mobile Banking application

Location :Banking, Pune (India)

Time to solution : 6 days

Business situation : A well known bank wanted to get its application pentested as a part of RBI Audit. They approached us to test their application so the full cyber secured application can be launched with complete security measures to use for their customer.

Security Problems Observed : The application was tested thoroughly and found that that app did not specified the mainfest element which would have led to data theft. Also found that security key was hard coded which can easily stolen by the attacker and led to the serious problems of personal data thefts and fraud.

Benefits : Bank implemented the suggestions provided by us, which helped bank’s management make the app secure and gain confidence to advertise the portal further to multiple customers. This further led to getting government approval for increased business.

Penetration testing of Healthcare mobile application

Location : Jaipur (India)

Time to solution : 6 days

Business situation : This healthcare application allow subscribers with workplace wellness program to access their daily tasks, challenges, reminders, articles, quizzes and webinars from the app itself. The app also allows one to connect with the Health coaches (doctor/nutritionist/counsellor) and review and redeem PEPs (Productivity Enhancement Points). Client wanted to perform penetration testing on their application.

Security Problems Observed : App was found to be storing authentication credentials in a non-secure way, this would have led the attacker re-use those credentials and compromise personal information. App was also found to be performing few web service related problems, that would have let attacker steal the identity and steal user’s data.

Benefits :After fixation of these vulnerabilities, the app company could rely on the security measures taken and thus publish app to google playstore and itune store. This further led to multiple downloads and usage of app without any consumer data compromise

Penetration Testing for Music Application

Location : Pune (India)

Time to solution : 2 Weeks

Business situation : The well established IT firm approached us for their music application pentesting. Application was a platform for upcoming singers to showcase their talent. If application wouldn't have tested it could have led to music piracy.

Security Problems Observed : After checking logs and performing tests we found some technical observations that the application business logic has been disclosed. Also we found that even though after killing application data it still resides on the device. Network level vulnerabilities were found too. We provided solution to fix the vulnerabilities.

Benefits : Our solution helped client to secure the application and avoid music piracy. Customer was imparted with cyber security knowledge and could use it in their next version of the same product, as well as upcoming mobile products.

Case Studies

Ideally - just the mobile app. At Apptrusty, we believe in mimicking real life hackers. They have access only to your app's binaries and ideally that's all we expect from you. Once we are formally and professionally engaged with you to perform pentesting of your mobile app, we do ask few questions such as below

Some numerical data

450

cups of coffee

64

projects done

600

comments

3500

happy clients

Discover our projects and the rigorous process of creation. Our principles are creativity, design, experience and knowledge. We are backed by 20 years of research.

I have a project

Know our amazing features

Lorem ipsum dolor sit amet, consectetur adipisicing elit. Dolor alias provident excepturi eligendi, nam numquam iusto eum illum, ea quisquam.

A feature title

Lorem ipsum dolor sit amet, consectetur adipisicing elit. Delectus dicta error.

Action here

A feature title

Lorem ipsum dolor sit amet, consectetur adipisicing elit. Delectus dicta error.

Action here

A feature title

Lorem ipsum dolor sit amet, consectetur adipisicing elit. Delectus dicta error.

Action here

A feature title

Lorem ipsum dolor sit amet, consectetur adipisicing elit. Delectus dicta error.

Action here

Social Links