Temporary Checklist

This checklist contains the old MASVS v1 verification levels (L1, L2 and R) which we are currently reworking into "security testing profiles". The levels were assigned according to the MASVS v1 ID that the test was previously covering and might differ in the upcoming version of the MASTG and MAS Checklist.

For the upcoming of the MASTG version we will progressively split the MASTG tests into smaller tests, the so-called "atomic tests" and assign the new MAS profiles accordingly.

MASVS-ID Platform Control / MASTG Test L1 L2 R
MASVS-AUTH-1 The app uses secure authentication and authorization protocols and follows the relevant best practices.
MASVS-AUTH-2 The app performs local authentication securely according to the platform best practices.
Testing Confirm Credentials
Testing Biometric Authentication
Testing Local Authentication
MASVS-AUTH-3 The app secures sensitive operations with additional authentication.