How To Test Security Of Data Transferring During Mobile Testing, Desktop Testing Or Web Site

Software Security has be.e one of important aspects of a modern software product. That is why security testing should hold a prominent place in each software testing process. Security of an application is a .plex conception depending on many things. Secure data transferring is one of them. It is especially topical for mobile programs because mobile devices are used in different places; they are connected to various public WiFi hot points. Hackers often try to intercept personal, banking or other information in such places and use it for ill purposes. They install special applications for listening and capturing data. So, if the information is sent in plain text and can be easily read by people, thieves can utilize it. The consequences can be serious, if, for example, people with evil intention get access to somebodys bank account. That is why a software testing .pany advises to encrypt sensitive information. Software products using encrypted .munication usually have a padlock on their icons. Security of Data Transferring of a Mobile Application Can be Checked: – by means of an emulator of a tablet or smartphone on a personal .puter and an instrument analyzing data traffic; – directly on a mobile device with installed virtual private network program connected to a personal .puter with an instrument analyzing data traffic. Experts in mobile application testing , desktop testing and web site testing claim that encrypted data transferring is not an ideal solution, it doesnt provide absolute security. But it is good enough to keep most of the attackers away as it requires more efforts to steal the data. As a rule, thieves are looking for easy pickings and would rather search for insecurely transferred data. Modern applications are .plex and multilevel; they include lots of media elements, advertisements, utilize various libraries and so on. The data can be sent and received not only by the application itself but by its elements as well. One should be careful checking programs of that kind. The pitfalls are in third party elements. They may be tested hastily or not checked at all. If at least one element uses insecure .munication, sensitive data, like passwords and logins, can be captured. Third party elements must be checked the same as native elements of the application under test. One should make sure in course of mobile testing , desktop testing and web site testing that all the important and sensitive data are transferred encrypted. The development team must correct all the reported security defects, including those in the third party elements. About the Author: – – – – – – – – – – 相关的主题文章: