Signature Verification Implemented

Signature Verification Implemented

Risk: secure

Description

The application detected that it was re-signed with a different certificate and responded by terminating or displaying a security warning.

This indicates the app performs runtime signature verification, preventing tampered or repackaged builds from functioning normally.

Recommendation

The implementation is secure, no recommendation apply.

Links

• OWASP MASTG - Testing File Integrity Checks (MASTG-TEST-0047)
• OWASP MASVS - MASVS-RESILIENCE-1

Standards

• OWASP_MASVS_RESILIENCE:
  • MSTG_RESILIENCE_3
• OWASP_MASVS_v2_1:
  • MASVS_RESILIENCE_1
• PCI_STANDARDS:
  • REQ_6_2
  • REQ_6_3
• SOC2_CONTROLS:
  • CC_7_1
  • CC_7_2
• HIPAA_CONTROLS:
  • SECURITY212
  • SECURITY213
• OWASP_MOBILE_TOP_10:
  • M7_2024