tiqr security audit report released

Posted by: Roland van Rijswijk in: News

In May 2011 SURFnet hired Madison Gurkha to perform a security audit on the tiqr application for iOS and Android as well as for the server-side reference implementation. A report containing a summary of the findings of this security audit and details how the vulnerabilities that were identified in the security audit have been mitigated in the current tiqr release is now available. It includes a summary of the results of a re-audit performed by Madison Gurkha in September 2011 on the updated tiqr application and server-side reference implementation.

The main conclusion of the report and the re-audit is that the security of tiqr is more than sufficient

The report can be downloaded here

Leave a comment