Mobile Application Security Assessment
Enhance Your Mobile Application Security
MASA
Ensuring robust mobile application security is crucial in today's digital landscape. Mobile Application Security Assessment (MASA) is an industry-led collaboration to improve application security through third-party security assessments based on industry standards. The goal is to ensure the security of Google Play and the Android ecosystem and provide greater transparency to consumers.
As one of five authorized partners from the App Defense Alliance (ADA), DEKRA conducts thorough mobile app security assessments to ensure your applications meet robust security standards.
MASA Level 1: Essential Security
MASA L1 focuses on essential security controls, providing a baseline for the security best practices that every mobile app should meet to protect against common threats, regardless of their functionality or the sensitivity of the data handled.
The goal of MASA L1 is to ensure a baseline level of security in order to prevent commonly seen vulnerabilities. DEKRA, as an accredited lab, emphasizes adhering to the secure defaults provided by the OS and frameworks and implementing well-recognized security measures considered “fundamental”. These include using TLS or up-to-date strong cryptography. Note that certain tests are included because their implementation effort is minimal relative to the significant security enhancement they bring.
MASA L1 is recommended for:
- All mobile apps as a baseline.
- Apps that only deal with low-risk sensitive (user) data and do not contain sensitive functionality.
App Defense Alliance (ADA) Directory
Users also have the ability to “Learn More” about your app, which redirects them to the ADA directory, a centralized place to view all apps that have completed an independent security review. Users can also discover additional technical assessment details in the ADA directory, helping them to make more informed decisions about what apps to download, use, and trust with their data.
MASA Level 2: Advanced Security
MASA L2 extends MASA L1 by introducing additional security measures and controls for mobile applications that exceed standard requirements to address advanced threats.
The goal of MASA L2 is to offer more thorough protection against sophisticated cyber-attacks, focusing especially on areas such as data validation, authentication and session management, or high-level cryptographic standards, among others. MASA L2 requires more rigorous threat modeling and testing strategies, as these controls are designed to offer a higher level of protection, ensuring the security of all applications that deal with sensitive data and mitigating risks.
MASA L2 is recommended for:
- Mobile applications that handle high-risk sensitive data and contain sensitive functionality.
The Importance of Mobile App Security
In today's digital era, mobile apps are essential for day-to-day activities but constantly face various threats. Vulnerabilities can lead to data breaches that damage business operations, reputation, and financial stability.
MASA addresses these challenges with evaluations based on industry standards, ensuring:
- Enhanced protection against cyber threats
- Improved compliance with security regulations
By adhering to MASA standards, developers can demonstrate their commitment to security, making their apps more appealing and trustworthy to users. As a Google Authorized Lab for MASA, DEKRA has conducted the most evaluations to date.
Our Approach to MASA
Providing an unbiased evaluation of your application's security.
Reach out to us through our contact form to learn more about the benefits of DEKRA's Mobile Application Security Assessment.
Common Questions about Mobile Application Security Assessment
What does the process look like?
Starting on the 20th of July 2022, you can either upload your APK file for pre-assessment in our system, identifying the key vulnerabilities and providing the opportunity to remedy these before the MASA. If you successfully pass the assessment, you get a report and an issue letter. If you fail the assessment, you need to remedy the issues and redo the assessment.
What’s the value for developers?
What’s the value for the end users?
What types of apps are applicable?
What is the scope of the assessment?
What type of test cases will this assessment cover?
How long is the certificate valid?
How much does it cost?
How long does the process take?