Mintegral passes user privacy security assessment performed by internationally recognized accounting firm
SAN FRANCISCO, Jan. 7, 2021 /PRNewswire/ -- Mintegral, a mobile advertising platform, has announced that its SDK products have completed a user privacy security assessment performed by an internationally recognized accounting firm. The audit report showed that Mintegral has established a complete system to maintain the security of users' personal information and other sensitive information during the collection and transmission process.
The Mintegral user privacy security assessment was carried out by a top 10 international accounting firm with extensive service experience in data privacy and network security to provide customers with comprehensive solutions and strategies to help improve risk management.
This audit followed the guidelines of the National Institute of Standards and Technology's cyber security whitepaper "Mitigating the Risk of Software Vulnerabilities by Adopting a Secure Software Development Framework (SSDF)" and focused on the four key areas including Prepare the Organization (PO), Protect the Software (PS), Produce Well-Secured Software (PW) and Respond to Vulnerabilities (RV). This firm conducted a comprehensive data privacy security assessment on the Mintegral platform through a variety of methods of source code review and testing, interviews with relevant technology and development leaders, internal control procedures/documents/policies and other information reviews. The reviews included Mintegral's existing governance model, information technology architecture, physical and logical security status, reporting mechanism, process improvement, target-state architecture, and the privacy compliance and security software development framework recorded by related data sets.
Assessing the security and user privacy of the Mintegral SDK source code
Mintegral SDK is the world's leading advertising SDK, integrated by 26,000+ mobile applications worldwide. In September 2020, Mintegral announced it would open source the SDK.
According to the assessment, the Mintegral SDK source code is rated as the highest level "Acceptable" for the auditing criteria of PO, PS and RV, and the second highest level "Area for Improvement" for PW. On the whole, Mintegral SDK has established and implemented standards and procedures that comply with user privacy security.
The report clearly pointed out that Mintegral SDK may collect user's device information such as device type, device ID, OS version, network connection type and device language for personalized ads and user experience optimization. Its privacy policy also explicitly provides the option of turning off user data collection to meet GDPR, CCPA and other legal policy compliance requirements. The source code review confirmed that Mintegral does not collect or transmit personal information or other sensitive data directly without the user's permission and identified no other potential privacy vulnerabilities. Mintegral has been collecting data in accordance with the policies of App Store and Google Play Store, and it has minimized the data points collected. In addition, Mintegral also uses security technologies such as encryption, network segmentation and firewalls to protect user data on its platform.
Creating a data security moat
"Mintegral has been sparing no effort to promote and ensure data security and advertising transparency. We have not only opened up the SDK source code, but also have been cooperating with professional organizations and third-party authorities in the industry to ensure data security and enhance transparency. We can confidently say that Mintegral's data security and privacy protection have reached international first-class standards and we are at the forefront of the industry in data security and transparency," Mintegral CEO, Erick Fang.
Prior to completing this user privacy security assessment, Mintegral obtained the kidSAFE COPPA (Child Privacy Protection) certification and IAB Tech Lab's OM SDK (Advertising Visibility Measurement) certification for two consecutive years. In addition to this, Mintegral has also successively completed a SOC2 data security and privacy protection report and has optimized its internal information security management system to earn the ISO/IEC 27001: 2013 standard certification.
The source code user privacy assessment may be viewed here.
PR Inquiries: pr@mintegral.com
Share this article