Blog

Android and iOS security mechanisms. Application stores

Before jumping to discussion of the differences between security mechanisms of both operating systems, we would like to mention basic security principles, like “read only mode” and process delimitation at the kernel level.
8 July 2014
Cybersecurity testing
Mobile app testing
The article by a1qa
a1qa

Before jumping to discussion of the differences between security mechanisms of both operating systems, we would like to mention basic security principles, like “read only mode” and process delimitation at the kernel level.

Android and iOS system partitions are unavailable for records, which prevents accidental or purposed file changing. Moreover, both operating systems apply “sandbox” principle. According to it every application operates in separately and cannot access system files or other applications data.

In iOS system almost all applications run under unprivileged user named “mobile”.

In Android system every application has its own user, which delimits the rights of running applications at the kernel of operating system.

The main differences of security mechanisms of Android and iOS are about:

  • limited access to the kernel
  • verification of downloaded OS
  • access right control

Before appearing in the App Store, iOS applications go through mobile app security testing to get checked and verified according to the requirements. Every application installed on the iOS should have unique certificate «iOS Developer Program» received after the verification process. These measures provide protection against malware in the App Store.

It`s curious but Google doesn`t check application before uploading to Google Play, but regularly runs the scan the store to detect malware. The approach might seems not much secure and it`s the truth as in Google Play there are lots of dangerous OSs. Still, according to the Hewlett-Packard research and “HP Security Research Cyber Risk Report 2013” these programs are unable to do much harm and are simply advertising applications.
Needless to say, that Google Play definitely has malware, though having certain user skills you can defend your device and OS.

When downloading applications to an Android device a user can see the full list of access permissions the application needs. If, for example, a flashlight application requests access to the contacts` list or needs internet access, it is definitely a malware.

The situation with access permissions is a bit different in iOS: every access request should be accepted or canceled by user.

What about the vulnerabilities in the OSs themselves? That we`ll discuss in the next post.

More Posts

Mobile app compatibility_mini
14 October 2021,
by a1qa
4 min read
Compatibility testing: 5 key tips to ensure high quality of mobile apps
Billions of mobile solutions and portable devices. Can you imagine that? Learn how to ensure robust software compatibility with accurate testing.
Mobile app testing
19 August 2021,
by a1qa
4 min read
Cybersecurity: Top 5 questions to ask a QA vendor
What information to request from QA providers to get confident in the complete security of your software and protect end-user sensitive data? Read about that in the article.
Cybersecurity testing
5G impact
31 May 2021,
by a1qa
4 min read
5G network impact on mobile app testing
Check out what 5G connectivity will bring to the IT world and how it will modify mobile app testing.
Cybersecurity testing
Mobile app testing
Performance testing
29 April 2021,
by a1qa
4 min read
Addressing 4 security issues for digital transformation programs
Find out the top 4 safety challenges of digital transformation and a QA playbook to address them and contribute to a higher level of cybersecurity.
Cybersecurity testing
31 March 2021,
by a1qa
4 min read
QA scenario to introduce 6 eCommerce trends in 2021
Discover what trends will rule the eCommerce industry in 2021 and how QA can help implement them with confidence and ease.
Cybersecurity testing
Test automation
15 March 2021,
by a1qa
4 min read
Mobile app performance testing: getting high software efficiency
Explore 3 cornerstones of mobile app performance testing and QA steps on how to execute it successfully.
Mobile app testing
Performance testing
25 February 2021,
by a1qa
4 min read
9 QA points for delivering high-quality SaaS-based solutions
In the article, we’ve gathered 9 QA factors relying on the SaaS specifics that may help to perform SaaS testing with ease.
Cloud-based testing
Cybersecurity testing
Functional testing
Performance testing
Test automation
16 February 2021,
by a1qa
5 min read
Winning trust: 5 industries that need blockchain testing
Get to know what industries are prone to rapid transformation within blockchain solutions, and how their catch-all testing can help keep leading positions.
Blockchain app testing
Cybersecurity testing
Functional testing
Performance testing
29 January 2021,
by a1qa
4 min read
3 do’s and 3 don’ts in BFSI software testing
Considering BFSI to be a fast-paced industry, how to keep up with such velocity? We’ve prepared 3 do’s and 3 don’ts that help sustain the rush and high software quality.
Functional testing
Mobile app testing
Test automation

Get in touch

Please fill in the required field.
Email address seems invalid.
Please fill in the required field.
We use cookies on our website to improve its functionality and to enhance your user experience. We also use cookies for analytics. If you continue to browse this website, we will assume you agree that we can place cookies on your device. For more details, please read our Privacy and Cookies Policy.