Mobile App Data Privacy

Audit
Analysis
Compliance
Assurance
Risk Management
Control

Our SaaS Platform Provides the World's Most Comprehensive App Analysis

AppCensus in Brief

We provide an integrated SaaS platform that delivers comprehensive insight into mobile app data management and privacy behaviors.

  • Our automated suite of analysis tools goes deep “under the hood” of apps to track real-world activity. It captures extensive technical detail on app behavior and data flows. 
  • Our system creates detailed reports identifying problems and potential issues. 
  • Our reports serve as a “privacy checklist” organizations can share internally and use to remediate technical issues, address design issues, and improve their overall privacy posture and practices.

We deliver unparalleled levels of insight and certainty to Chief Privacy Officers and Legal, CIOSs, Product Managers, and other internal stakeholders responsible for ensuring and demonstrating organizational compliance.

APP DATA PRIVACY ASSURANCE

What’s driving increasing focus on mobile app privacy?

Risk, Danger & Uncertainty. 

External Drivers

  • Complying with local, national and international data governance and privacy regulations
  • Preventing platform de-listing of apps for privacy concerns
  • Avoiding negative publicity, reputational damage, and lost consumer confidence due to bad press, regulatory actions, compliance penalties, or data breaches

Internal Drivers

  • Adhering to internal privacy programs and accuracy of privacy documents
  • Achieving and demonstrating stronger internal comfort and assurance on compliance status and footing
  • Aligning and focusing internal technical and compliance priorities, resources, and investments

Addressing the Critical Needs of Enterprise Privacy & Compliance Leaders 

The Chief Privacy Officers, CISOs, product managers and technical teams who work with AppCensus consistently emphasize three critical themes shaping the present mobile app regulatory, compliance and data privacy landscape:

clientssay_important

“This is incredibly important.”

  • The stakes are high
  • The need for assurance is acute
  • The profile of the problem is significant
    (visibility both internally and externally)
clientssay_difficult

“This is incredibly difficult.”

  • The ever-changing technology and policy landscape consistently raises new questions
  • New technical challenges (known and unknown) emerge constantly
  • Existing resources and tools cannot effectively meet today’s needs
clientssay_risky

“This is incredibly risky.”

  • The costs of errors or omissions can be onerous
  • Mistakes can lead to serious financial and reputation impacts
  • A false sense of security could be concealing very real danger

UNPRECEDENTED MOBILE APP ANALYSIS

We comprehensively assess your apps to effectively address critical data privacy requirements

Static Analysis
Analyzing apps and the data they may access — including app binaries and manifests, third-party SDKs, and permissions
Dynamic Analysis
Monitoring real-time behaviors — including data flows, file system and API access, and permission use
App Execution
Observing “real world” behaviors and test response to complex user interaction patterns
Multi-region Support
Observing app behavior in multiple regions with different legal privacy frameworks — including the US and EU
Network Analysis
Reviewing incoming/outgoing data — proprietary packet-level review gains visibility even with TLS and / or certificate pinning
Previous slide
Next slide

AUTOMATED, INTELLIGENT INSIGHT

AppCensus Delivers Real-World Results
and Actionable App Insight

0
app versions tested
0
issues flagged for review and remediation

Flagging issues like:

  • Combining identifiers with varying degrees of anonymity
  • Transmitting advertising IDs along with other identifiers
  • Unencrypted transmissions
  • Unencrypted transmissions of identifiers
  • Transmission of identifiers without explicit consent
  • Premature transmission of identifiers before age gate (e.g. COPPA)
  • Improper use of privacy configurations in SDKs
  • Cross-regional / cross-jurisdictional data transmissions (e.g. GDPR)
  • Improper privacy label disclosure
  • Transmission of identifiers without adequate permissions (e.g. Location)
  • Transmission of transformed identifiers (e.g. hashed)
  • Excessive or unwarranted transmission of identifiers
  • Transmission of disapproved identifiers
  • Transmission of incorrect identifiers (e.g. changing AAIDs)
  • Transmission of specific disapproved identifiers (context: ads, videos, etc. in which client is not allowed to see specific user data)

And more…

ACTIONABLE INTELLIGENCE ON MOBILE APP COMPLIANCE

We deliver detailed information and insight that helps you understand and address critical issues

reports1

Detailed Reports

reports2

Highlighted Issues

reports3

Visualizations

reports4

Granular Results

INTEGRATED, AUTOMATED, INTELLIGENT

AppCensus:
Delivering Insight In Depth

  • SaaS delivery model — on-demand and self-service
  • Upload binary apps (individually or in bulk) directly (e.g. APK / IPA files), including pre-release apps — or have the system download directly from app stores
  • Analyze in depth and report in detail on app behavior and data transfers
  • Testing performed on live devices
  • Automate / integrate into other internal systems and processes via available API access

MOBILE APP COMPLIANCE TESTING

The App Audit Process —
Inputs & Outputs

Our solution supports a broad range of common submission methods and reporting options. 

(So if you have specific questions about how you can get apps into the system and the data you need out — the answer to your questions is most likely: “Yes.”)

Inputs

  • Apps direct from app stores
  • Unpublished apps uploaded directly
  • Apps “in” EU and well as US
  • Multiple versions of the same app

Outputs

  • Machine readable formats (JSON)
  • Online dashboard of results
  • Exportable results and visual assets
  • PDF analysis summary reports

Inputs

  • Apps direct from app stores
  • Unpublished apps uploaded directly
  • Apps “in” EU and well as US
  • Multiple versions of the same app

Outputs

  • Machine readable formats (JSON)
  • Online dashboard of results
  • Exportable results and visual assets
  • PDF analysis summary reports

MOBILE PRIVACY LABEL COMPLIANCE

Mobile App Data Privacy Label Analysis & Verification

Apple’s Privacy Nutrition Labels and Google’s Data Safety Labels frameworks offer a path to greater user clarity and comfort regarding how apps collect, share, and manage personally identifiable information (PII) and non-PII data. AppCensus enables organizations to achieve greater certainty when choosing, validating, and verifying their self-reported privacy labels.

  • Scan apps to establish an initial privacy label posture
  • Validate and verify reported privacy nutrition labels
  • Generate label recommendations based on observed behaviors 
  • Streamline the analysis process using AppCensus automation API
  • Leverage AppCensus SDK knowledgebase to understand which third party tools and APIs may cause privacy issues
app_lables_ios

ASSISTANCE, EXPERTISE & INSIGHT FROM APPCENSUS

AppCensus Support and Service that Drives Your Success

We can help you enhance your understanding, your policies, and you practices with optional consulting from our team of experts

Assessment & Advisory

  • “Deep Dive” app analysis report review, recommendations, and remediation planning
  • Privacy Labels (audit)
  • Internal privacy and compliance assessment, best practices, and roadmap development

Training & Workshops

  • Cross-functional / cross-departmental education, awareness, office hours / town halls, and training
  • Tailored, role-specific privacy and compliance education: policies, requirements & standards; regulatory rules; engineering best practices; organizational and cultural alignment, and more

CONTACT US
TO LEARN MORE