Mobile platforms are, for quality leaders at financial firms, challenging endpoints to assure, due to the evolving release practices of platform providers and inherent security vulnerabilities.
On 19th November 2019, Apple Inc. released the highly anticipated iOS 13. Originally expected to bring new privacy and performance benefits, many suffered app delays, glitches and inconsistent connectivity.
In response, Craig Federighi, SVP of Software Engineering at Apple is reported to have announced an overhaul of its approach to software releases. From iOS 14 onwards, unfinished and buggy features will be turned off by default, providing QA teams with a more accurate picture about the stability of each release.
Apple has since gone on to release point versions to resolve these reliability and performance issues.
But in the race to deliver a more consistent, robust updates for software quality assurance on mobile platforms, Apple is not alone.
“Thousands of apps inside Google Play [have] known vulnerabilities,” according to Yaniv Balmas, Head of Cyber Research for Check Point Software Technologies. For hackers, “this is the low hanging fruit.”
So, as Apple and Google seek to enhance their software release practices, financial firms should also evolve their mobile security testing methods.
To begin, quality leaders should implement overall software performance measures that encompass security vulnerabilities. Further, acquiring security testing tooling from vendors like Check Point Software Technologies, CAST Software and Detectify may increase visibility into critical threats.
Ultimately, firms can move towards a DevSecOps approach to effectively govern release pipelines and comply with regulatory requirements for software risk management.