v17 Mobile verification requirementsΒΆ
- 17.1 App verifies SSL certificates
- 17.2 App does not use UDID values as security controls
- 17.3 App protects sensitive data
- 17.4 App does not use SQLite for sensitive data
- 17.5 App does not have Secret credentials hard-coded in executable
- 17.6 App protects against auto-snapshot information leakage
- 17.7 App cannot be run on a jailbroken or rooted device
- 17.8 App session timeout is of a reasonable value
- 17.9 App requires appropriate permissions and resources
- 17.10 App crash log does not contain sensitive data
- 17.11 App binary has been obfuscated