Security

What steps are taken to protect privacy when a manual or automation setting ends?

When a testing session ends, the following steps will be applied:

  1. Applications installed during the testing session will be removed.
  2. Any applications left running will be exited out of and shut down.
  3. On iOS devices, browser history and bookmarks will be removed from Safari.
  4. On Android devices
    1. Chrome, Android, HTC, Asus, and Samsung browsing history and bookmarks will be removed.
    2. Any logged-in accounts in Setting will be removed.
Does Kobiton keep my application on the device I have tested?

No, Kobiton automatically uninstalls any installed application once a test session ends, but you must clean up other data created or used during the test session.

Are there any restrictions on testing a particular domain app?

Yes, Kobiton prohibits testing apps that are used for hacking or malware distribution. For private devices, it's safe to use apps that contain sensitive personal or financial information such as healthcare apps or banking apps, but we don't recommend so for public devices.

What should I do if I observe a security breach?

Please notify Kobiton immediately of any unauthorized access of your ID, password, or any other known or suspected security breaches.

Is it safe to test my application on Kobiton devices?

Yes, however, we recommend you do not test applications in the cloud that contain sensitive personal and financial information such as healthcare apps or banking apps.

Will anyone else be able to access my application or the device during a testing session?

No, Kobiton cloud devices are only available to you once a test session has started. Kobiton protects your applications and they are not accessible during or immediately after a test session. Kobiton automatically uninstalls the app after you complete the test session for Public devices. Private customers manage their own cleanup policy options.

When testing on a device, are any other applications using the device at the same time?

While no one else will be testing on the device at the same time, there are always apps using the device such as pre-installed apps, system apps, services, etc. These apps should not interfere with your testing sessions.

Are test session data and logs available to others?

Yes, admins and members of your team have access to test session data. Non-admin users who are not in your team will not have access to session data.

What should I do if I observe a security breach?

Please notify Kobiton immediately of any unauthorized access of your ID, password, or any other known or suspected security breaches.

Are Google account credentials removed from Android devices after a test session ends?

Kobiton removes all Google account information on Android devices at the end of a test session, but you should always verify that your information has be wiped just to be sure.

Are there any firewall rules?

If your Kobiton subscription is configured to use gRPC to access remote devices, you can check if you'd run into any issues caused by your browser being behind a firewall by visiting https://grpc-check.kobiton.com. If issues do arise, follow the instructions or contact our support team for further assistance.

What is the benefit of the App-Ray integration?

App-Ray scans all Android and iOS devices to detect vulnerabilities that could compromise the security of public Kobiton cloud devices. This is a community safety measure that benefits all users.

What type of security threats/risk is App-Ray scanning for?

There are more than 50 threats that App-Ray will scan for, ranging from critical issues such as virus, device admin to minor issues such as contact read, camera usage, etc. See App-Ray security threats for more information.

My app was flagged for risk. What should I do next?

Submit a request for bypass approval. "Security risk detected" applications will not be allowed to be tested on Kobiton devices until the bypass request is approved by our team.

What's the difference in criteria between "no risk" and "security approved"?

No risk applications have been scanned and no is risk detected.
Security approved applications have had their bypass request approved and the application can be installed on Kobiton devices.

I believe my app was incorrectly flagged for security threats. How do I dispute this?

We are very confident in the App-Ray security scanning technology, but if you disagree with the outcome, please contact our support team.

After resolving the detected threats, we are unable to install the application. What should we do next?

Please email the Kobiton support team at support@kobiton.com

My application has been flagged as "security risk detected". Can the application be installed on my in-house devices?

Yes, applications with critical risks detected  are only prohibited from  being installed on public Kobiton cloud devices.

Was this article helpful?
0 out of 0 found this helpful