Task #12991
Support #12933: [SCP ID :##6249##] : Mobile Pentest Remediation
[ANDROID] - Pentest - I1 - Application Allows Use of Third-Party Keyboards
Status: | User Acceptance Test | Start date: | May 11, 2022 | |
---|---|---|---|---|
Priority: | Normal | Due date: | ||
Assignee: | Binti Marobi Athirah Umairah | % Done: | 100% | |
Category: | PCI DSS - Pentest | Spent time: | - | |
Target version: | - |
Description
The application allows the use of third-party keyboards when entering sensitive data. A malicious third-party keyboard could spy and log users' input.
Action Plan:
Already set the program following the reported issue on last Pentest scanning.
Aina need to review the code.
History
#1 Updated by Rahmat Aina Nadia over 2 years ago
- Assignee changed from Rahmat Aina Nadia to MUHAMMAD IHSAN
#2 Updated by MUHAMMAD IHSAN over 2 years ago
- File WhatsApp Image 2022-05-19 at 10.13.59 AM.jpeg added
- Status changed from New - Begin Life Cycle to Finished Development
- % Done changed from 0 to 100
Alert to notify users that they are using a third-party keyboard is already implemented.
#3 Updated by Rahmat Aina Nadia over 2 years ago
- Assignee changed from MUHAMMAD IHSAN to Nurul Syahirah Md Nawi
#4 Updated by Nurul Syahirah Md Nawi over 2 years ago
- Status changed from Finished Development to Internal Testing
#5 Updated by Nurul Syahirah Md Nawi over 2 years ago
- File Internal Test Results_SCPID #6249_ANDROID I1.docx added
Tested & passed
#6 Updated by Nurul Syahirah Md Nawi over 2 years ago
- Status changed from Internal Testing to System Integration Test
#7 Updated by Nurul Syahirah Md Nawi over 2 years ago
#8 Updated by Nurul Syahirah Md Nawi over 2 years ago
- File deleted (
Internal Test Results_SCPID #6249_ANDROID I1.docx)
#9 Updated by Nurul Athira Abdul Rahim over 1 year ago
- Status changed from System Integration Test to Pending UAT Deployment
- Assignee changed from Nurul Syahirah Md Nawi to Rahmat Aina Nadia
Please deploy this fixes to UAT.
Thanks
#10 Updated by Rahmat Aina Nadia over 1 year ago
- Status changed from Pending UAT Deployment to User Acceptance Test
- Assignee changed from Rahmat Aina Nadia to Binti Marobi Athirah Umairah
Hi Umai,
kindly refer to the link below for the UAT APK. The APK link in the google sheet is also updated.
https://drive.google.com/file/d/1IaK9xpXygbTlXJWvJZZxvToz1U_Gamqi/view?usp=share_link