DEKRA has been authorized by the ioXt Alliance to perform security evaluations in Mobile applications and Virtual Private Networks (VPN) within the ioXt Certification Program. DEKRA was one of the first Authorized Laboratories recognized by the ioXt Alliance last year to test and certify products for the Internet-of-Things (IoT) cybersecurity market. Now, DEKRA extends its evaluation scope by adding Mobile apps and VPN, after the ioXt Alliance announced the inclusion of these new profiles to their Certification Program for the Internet-of-Things market.
"Mobile apps and VPN play a significant role within the IoT ecosystem, so it's highly important to evaluate their security and assure users protection. With the extension of our scope as an Authorized Lab for ioXt Certification Program, we are happy to contribute to this mission and support manufacturers evaluating the security of their Mobile apps and Virtual Private Networks in our laboratories”, said Fernando E. Hardasmal, Head of the Service Division Product Testing and Executive Vice President at DEKRA.
“With global standards, guidance from industry leading organizations and Authorized Labs such as DEKRA, mobile applications and VPN developers will have better insight into their security and flaws, and have greater confidence that it will work as intended,” said Brad Ree, Chief Technology Officer of the ioXt Alliance.
The ioXt Alliance Certification Program measures product security following the eight ioXt principles, that define product security, product upgradability and consumer transparency. These principles provide clear guidelines for quantifying the appropriate level of security needed for each specific product. Manufacturers may submit their products to Authorized Labs like DEKRA, to test if their devices meet the ioXt security requirements to obtain the ioXt Certification Mark. Once approved, the ioXt SmartCert informs end-users, retailers and ecosystem partners that the product complies with the ioXt security requirements.
“The efforts of the ioXt Alliance to create a cybersecurity global standard and a certification scheme for IoT devices are very valuable and beneficial for the whole industry, as it allows companies and consumers to enjoy a more secured ecosystem”, said Rubén Lirio, Cybersecurity Manager of the Service Division Product Testing at DEKRA.
DEKRA’s scope as an ioXt Authorized Lab includes testing and certification services for Android devices, Smart speakers, Mobile Applications and VPN profiles, and the ioXt 2020 Base Profile for all devices which are not covered under another profile. For these services, DEKRA will perform a meticulous security evaluation to detect and reduce any potential security risks in IoT devices, following the requirements defined by the ioXt Alliance.
Moreover, DEKRA has evaluated numerous mobile applications linked to the IoT device ecosystem following the OWASP Mobile Security Testing Guide (MSTG) and the OWASP Mobile Application Security Verification Standard (MASVS).
In addition, DEKRA offers an extensive portfolio including all key testing and certification services manufacturers need to launch their IoT devices at any markets, such as regulatory, type approval, wireless, global market access and cybersecurity services, among others, which makes DEKRA the best partner to support customers to validate their products.