SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Story image
Temu achieves MASA certification for its mobile app security
Wed, 21st Feb 2024

Temu has announced its successful attainment of Mobile Application Security Assessment (MASA) certification, following a comprehensive evaluation by DEKRA, the world's premier independent testing agency. Launched in July 2022 by the Google-initiated App Defense Alliance (ADA), the MASA certification is designed to enhance application security via independent third-party assessments. High-profile applications like Walmart, Google, YouTube, Instacart, and Otto are among those that have received this certification.

The Boston-based e-commerce company, which returned for a second year of advertising at the Super Bowl, earned this certification as part of its ongoing commitment to maintaining the highest security and privacy standards for its users. MASA certification ensures compliance with a series of stringent security guidelines aimed at defending mobile applications against the most current cybersecurity threats.

Within the MASA framework, applications undergo an extensive review of data handling, encryption practices, authentication mechanisms, and adherence to industry-standard privacy protections. Access control, data privacy, security within the app, use of robust encryption for information protection, internet transmission security, validation of all incoming data, and restriction on other apps accessing secure features are all key areas evaluated. Temu's procurement of the MASA certification illustrates its determination to protect users' personal and financial information, providing an additional layer of security beyond that required by the Google Play store.

Speaking on behalf of the company, a spokesperson said, "We submitted the Temu app for MASA certification as part of our continuous effort to improve on user privacy and security. We want to assure our users that they can shop with confidence, knowing their data is protected by the best practices in the industry."

The MASA certification marks the latest stride in Temu's roadmap to heightening transparency around its security and privacy practices. Previously, collaboration with San Francisco-based cybersecurity firm HackerOne resulted in the establishment of a bug bounty programme, incentivising ethical hackers to uncover and report security vulnerabilities within the Temu system. Addition of two-factor authentication added a further dimension to the security of user login procedures.

MASA certification embodies a commitment to preserving the safety of the Google Play and broader Android ecosystem, while fostering greater transparency for consumers. DEKRA is among the six Google Authorised Labs conducting such security assessments. Operating in an increasingly digitised world, such a proactive approach to security has become a priority for companies like Temu, seeking to assure their users about the sanctity of their personal information.