MASVS-CRYPTO

Checklists Updated (June 2025)

The checklists now include all MASTG tests, as well as updated mappings to the new MAS profiles.

MASVS-ID MASTG-TEST-ID Control / MASTG Test Platform L1 L2 R P Status
MASVS-CRYPTO-1 The app employs current strong cryptography and uses it according to industry best practices.
MASTG-TEST-0221 Broken Symmetric Encryption Algorithms platform:android profile:L1 profile:L2 newstatus:new
MASTG-TEST-0232 Broken Symmetric Encryption Modes platform:android profile:L1 profile:L2 newstatus:new
MASTG-TEST-0016 Testing Random Number Generation platform:android profile:L1 profile:L2 deprecatedstatus:deprecated
MASTG-TEST-0205 Non-random Sources Usage platform:android profile:L1 profile:L2 newstatus:new
MASTG-TEST-0013 Testing Symmetric Cryptography platform:android profile:L1 profile:L2 deprecatedstatus:deprecated
MASTG-TEST-0204 Insecure Random API Usage platform:android profile:L1 profile:L2 newstatus:new
MASTG-TEST-0014 Testing the Configuration of Cryptographic Standard Algorithms platform:android profile:L1 profile:L2 update-pendingstatus:update-pending
MASTG-TEST-0210 Broken Symmetric Encryption Algorithms platform:ios profile:L1 profile:L2 newstatus:new
MASTG-TEST-0063 Testing Random Number Generation platform:ios profile:L1 profile:L2 update-pendingstatus:update-pending
MASTG-TEST-0061 Verifying the Configuration of Cryptographic Standard Algorithms platform:ios profile:L1 profile:L2 deprecatedstatus:deprecated
MASTG-TEST-0211 Broken Hashing Algorithms platform:ios profile:L1 profile:L2 newstatus:new
MASVS-CRYPTO-2 The app performs key management according to industry best practices.
MASTG-TEST-0015 Testing the Purposes of Keys platform:android profile:L2 update-pendingstatus:update-pending
MASTG-TEST-0212 Use of Hardcoded Cryptographic Keys in Code platform:android profile:L1 profile:L2 newstatus:new
MASTG-TEST-0208 Insufficient Key Sizes platform:android profile:L1 profile:L2 newstatus:new
MASTG-TEST-0062 Testing Key Management platform:ios profile:L2 deprecatedstatus:deprecated
MASTG-TEST-0214 Hardcoded Cryptographic Keys in Files platform:ios profile:L1 profile:L2 newstatus:new
MASTG-TEST-0209 Insufficient Key Sizes platform:ios profile:L1 profile:L2 newstatus:new
MASTG-TEST-0213 Use of Hardcoded Cryptographic Keys in Code platform:ios profile:L1 profile:L2 newstatus:new