Before we jump to iOS apps in detail, it is vital to understand the fundamental security features of the iOS platform, which are crucial during app assessment.
The following diagram shows the security architecture of an iOS device and also provides an overview of security features implemented from the hardware level to software stack:
Roughly, we can split the iOS security model into these layers:
Device-level security
System-level security
Data-level security
Network-level Security
Application-level security
Hardware-level security
At the device level, the security model ensures that unauthorized personnel cannot use a user's device. It enforces a device-level lock such as a PIN or passcode, remote wipe using mobile device management (MDM), and options such as activation lock and finding your phone. Strategically, Apple allows the signing of configuration profiles, thereby allowing companies to centrally distribute all configurations to the device...