Temu, which advertised at the Super Bowl for a second year running, announced it has received the MASA certification (Mobile Application Security Assessment) following an evaluation by DEKRA, the world’s largest independent expert testing organization. The MASA certification is a part of Temu’s efforts to uphold the highest security and privacy standards for its users.
MASA certification was launched in July 2022 by the Google-launched App Defense Alliance (ADA) as a program to improve application security through third-party independent security assessments. The goal is to ensure the safety of Google Play and the broader Android ecosystem and to provide more transparency to consumers. DEKRA is one of six Google Authorized Labs that conduct this security assessment.
The MASA framework sets forth a rigorous set of security guidelines designed to protect mobile applications against the latest cybersecurity threats. The certification process involves a detailed examination of an app’s data handling, encryption practices, authentication mechanisms, and compliance with industry-standard privacy protections. By adhering to these stringent standards, Temu demonstrates its commitment to safeguarding users’ personal and financial information by enhancing user data protection beyond Google Play store security requirements.
Key areas assessed by MASA
● Data privacy and security within the app.
● Use of strong encryption for information protection.
● Access control to ensure only authorized user entry.
● Security of data during internet transmission.
● Minimal and necessary permission requests from devices.
● Validation of all incoming data to prevent security breaches.
● Restriction on other apps accessing secure features.
● Frequent updates to address security vulnerabilities.
We submitted the Temu app for MASA certification as part of our continuous effort to improve on user privacy and security. We want to assure our users that they can shop with confidence, knowing their data is protected by the best practices in the industry.
– Temu spokesperson
The MASA certification is the latest in a series of measures taken by Temu to enhance its transparency over its security and privacy practices. Previously, Temu collaborated with the San Francisco-based cybersecurity company HackerOne to establish a bug bounty program, incentivizing ethical hackers to identify and report security flaws in Temu’s system. Additionally, Temu implemented two-factor authentication to enhance the security of user login procedures.
Other apps that have undergone independent testing and received the MASA certification include Walmart, Google, YouTube, Instacart and Otto.
