Cyber Security in practice

App mania – playing it safe

The popularity of mobile applications (apps) is unwavering. Statistics show that, at the start of 2023, around 2.68 million apps were available in the Google Play Store. However, these millions of apps also mean countless potential risks – especially when security has not been thoroughly tested. To ensure that apps are tested properly and application data are protected, the Google-initiated App Defense Alliance (ADA) has introduced a security check: the Mobile Application Security Assessment (MASA).


Developers benefit from testing their applications according to the MASA process, as it builds trust with the user if the app has been tested thoroughly in terms of security and data protection. There are just five providers that are authorized by the ADA to conduct these tests, and DEKRA is one of them.

DEKRA maintains close dialog with developers at all stages of the MASA process. In terms of data protection, for example, developers are required to clearly document how they collect and use personal data. If they resolve the vulnerabilities identified vulnerabilities and successfully pass the test, they receive an official security certification stamp.

App security

Six test categories

  • Data storage and data protection
  • Cryptography
  • Authentication and session management
  • Network communication
  • Platform interaction
  • Code quality and build settings

Three questions for ….

Rubén Lirio Vera

Business Line Manager Cyber Security Testing & Certification

As Business Line Manager, Rubén is actively shaping the Product Testing Portfolio within DEKRA’s Cyber Security Hub and is also steering the onboarding of new cyber security solutions on a global level.

Rubén is an experienced professional and leader with a track record of over 15 years in the IT industry. He is an advocate for driving successful transformational initiatives within the organization and is known for building efficient teams that successfully bring new cybersecurity services to life.

His driven personality and his entrepreneurial background as a start-up founder, make him a respective member of different working groups, including the European Union Agency for Cybersecurity (ENISA), where he is contributing to enhancing future activities in the Cyber Security Market Analysis.


More and more developers are having their apps tested by DEKRA. What are the most frequent vulnerabilities?

Developers fail most frequently when it comes to authentication, session management, data storage, and data protection. This applies to around 40 percent of applications, and 90 percent fail in at least one test category. However, this is not really surprising because they are currently adapting their apps to proven security processes.

How did DEKRA manage to become one of the five MASA partners?

Truth be told, it was a long process. For one thing, DEKRA had to pass a technical assessment in order to become qualified. And we also had to offer the service on the basis of a fully developed process that was accredited to ISO 17025. Furthermore, we had to ensure we met the requirements for quality and service level agreements. We were able to do this thanks to our qualified personnel and feedback from our customers.

What are the current trends in app development and what do they mean for security testing?

We are seeing more and more customers developing applications according to the security by design principle. As a result, certifying the apps is much easier because developers use proven processes from the design phase onward. Another important trend is the use of artificial intelligence and machine learning. These technologies enable apps to understand user behavior in order to deliver personalized experiences. This is something that MASA might be testing soon, to ensure that the apps comply with ethical principles. And lastly, cloud-based services are enabling greater flexibility, scalability, and security in the development of mobile applications.

Future mobility

Future Mobility

Automated driving depends on reliable chip technology. DEKRA inspects the manufacturers.

Future mobility

Safe automated driving

The functional safety of microchips is critical in automated driving. DEKRA tests the manufacturers to international standards.

Cyber Security

Cyber Security

Ensuring the security of data and individuals is a mammoth task in the digitalization era.