NHS Digital require developers of apps and digital tools to confirm that a security assessment has been carried out against applicable Open Web Application Security Project standards.
Applications are assessed using Mobile Security Framework (MobSF), an automated, all-in-one mobile application pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
App Security Score Calculation
- Every app is given an ideal score of 100 to begin with.
- For every finding with severity high, we deduct 15 from the score.
- For every finding with severity warning, we deduct 10 from the score.
- For every finding with severity good, we add 5 to the score.
- If the calculated score is greater than 100, the app security score is taken as 100.
- If the calculated score is less than 0, the app security score is taken as 10.
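
The calculation above as a worked example, added here and not MobSF's own code; the finding dict shape and the helper names `app_security_score` and `findings_of` are assumptions. It also exercises the boundaries of the last two rules.

```python
from collections import Counter

# Per-finding adjustments as listed above; severity labels are the page's.
ADJUSTMENT = {"high": -15, "warning": -10, "good": +5}


def app_security_score(findings):
    """Return the app security score for an iterable of finding dicts.

    Each finding is assumed to carry a "severity" key (hypothetical shape,
    not MobSF's report schema). Assumption: severities other than the three
    listed above leave the score unchanged.
    """
    counts = Counter(f["severity"].lower() for f in findings)
    score = 100 + sum(ADJUSTMENT.get(sev, 0) * n for sev, n in counts.items())
    if score > 100:
        return 100
    if score < 0:
        return 10  # value used for negative totals, as stated above
    return score


def findings_of(high=0, warning=0, good=0):
    """Build a constructed findings list for the samples below."""
    return ([{"severity": "high"}] * high
            + [{"severity": "warning"}] * warning
            + [{"severity": "good"}] * good)


if __name__ == "__main__":
    # Constructed sample inputs, not taken from a real scan.
    samples = {
        "3 good": findings_of(good=3),
        "2 high, 3 warning, 1 good": findings_of(high=2, warning=3, good=1),
        "6 high, 1 warning (total is exactly 0)": findings_of(high=6, warning=1),
        "7 high (total is -5)": findings_of(high=7),
    }
    for label, findings in samples.items():
        print(f"{label}: {app_security_score(findings)}")
```

Because only totals below 0 are replaced with 10, a total of exactly 0 reports 0 while a total of -5 reports 10. When comparing apps at the bottom of the range, look at the finding counts rather than the score alone.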