Mobile Application Security Assessment

We care about users. Whenever users download your app, they trust you with their data and they expect that you’ll protect it. That’s why we worked with Google to create a security assessment process based on OWASP MASVS Level One - to help you show your users that you value their trust.

How it works

Through MASA, Google will recognize developers who meet MASVS Level 1 requirements by completing an independent validation with Leviathan


An open-source industry standard for mobile application security


A comprehensive handbook for mobile application testing based on MASVS

Leviathan Security

An experienced team of security consultants delivering impactful security results

about masa

Why You Need MASA

Analyzing security posture

Regular security testing identifies key security patterns and strengthens application defenses

Increasing consumer confidence

Build a long-term trusting relationship with your clients and users, providing transparency and securing their data.

OWASP Mobile Application Security Verification Standard


Architecture, Design and Threat Modeling Requirements


Data Storage and Privacy Requirements


Cryptography Requirements


Authentication and Session Management Requirements


Network Communication Requirements


Platform Interaction Requirements


Code Quality and Build Setting Requirements

The MASA framework uses the OWASP Mobile Application Security Verification Standard (MASVS), considered a gold standard in data security and privacy. The assessment is performed across seven categories of MASVS Level 1, covering each angle of the app's functionality.

Why us?

Leviathan Security Group

The MASA framework uses the OWASP Mobile Application Security Verification Standard (MASVS), considered a gold standard in data security and privacy. The assessment is performed across 7 categories of the Level 1 MASVS, covering each angle of the app's functionality.

Official App Defense Alliance partner

Leviathan is an official partner of App Defense Alliance, focusing on the safety of the Google Play Store and the broader app ecosystem.

Industry leader

Founded in 2006, Leviathan Security Group combines more than 16 years of experience with a drive for innovation.

Proven track record

Leviathan's team consists of experienced professionals, guaranteeing our clients the highest quality of service.

Plans and pricing

Showcase your security posture by completing MASA and receiving an independent security review badge in the Data safety section of Google Play. Choose your plan and get started with MASA


Start an assessment within 48 hours

• 1 round of retest



Start an assessment within 10 days

1 round of retest


No Rush

Start an assessment within 3 month period

1 round of retest


What do you need to get started?

We have built an easy to use and convenient portal to make the MASA verification as smooth and convenient as possible. Follow the link below to register and get started.

Information about your Google Play developer account

Information about the application to test:

• Application and package names

• A test account for us to sign-in into your application, if it has login functionality

• APK file of the application, if it is not in Google Play Store


MASA Frequently Asked Questions

What’s the value of this program for developers?

Regular security testing can ensure that application controls are not vulnerable and user data is protected. Completing the assessment will allow developers to showcase this within Google Play and build trust with users.

What’s the benefit to users?

Users will be provided transparent methodology and the assurance that the application meets a security baseline.

What types of apps are applicable for this program?

Any app.

What is the scope of assessment?

The scope includes a general overview of all communication streams, authentication and client-side controls.

How long is the certificate valid

1 year with a yearly re-certification

What type of test cases will this assessment cover?

Level 1 MASVS requirements. For more information visit Github here.

How much does it cost?

Most application assessments will cost $2-3K, depending on scope and complexity.

How do I get started?

Reach out to Leviathan Security Group to schedule your assessment. Contact us through email

Get in Touch

We are here to help

Go ahead and get started through our portal, but if you have any questions about MASA, feel free to reach out through the form below, or email us directly:

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.