https://habrahabr.ru/company/avito/blog/351618/
Spock and Android (pdf)
Tag: security / crypto
QA, testing in mobile development
OWASP Mobile Security Testing Guide [https://github.com/OWASP/owasp-mstg/blob/master/README.md]
API, tokens, auth, oauth
Tokens used by Auth0 [https://auth0.com/docs/tokens]
Android – keep secrets right
research of android security [https://tproger.ru/digest/android-security-resources/]
SSL pinning защита мобильного банкинга на android с помощью ssl сертификата [https://www.emaro-ssl.ru/blog/ssl-pinning-for-android/] [pdf]
Android AES crypto encryption [https://habrahabr.ru/company/rambler-co/blog/279835/] AES/CBC/PKCS5Padding [pdf]
Tampering detection Android [https://www.airpair.com/android/posts/adding-tampering-detection-to-your-android-app]
Authentication Android SSL client cert [https://habrahabr.ru/post/194530/] [pdf]
Tips for Developing Secure Android Applications [https://medium.com/@saranyaan2710/tips-for-developing-secure-android-applications-984a89ae3190]
Using a Custom Certificate Trust Store on Android [https://nelenkov.blogspot.com/2011/12/using-custom-certificate-trust-store-on.html]
Secure data in Android — Encryption
This article is a part of “Secure data in Android” series:
Encryption
Encryption in Android (Part 1)
Encryption in Android (Part 2)
Encrypting Large Data
Initialization Vector
Key Invalidation
Fingerprint
Confirm Credentials
Android IPC
AIDL (Android Interface Definition Language) и коммуникация между процессами (IPC) [https://habrahabr.ru/post/139432/]