Frequently Asked Questions

Everything you need to know about CheckAppSec

How long is my data stored?

All uploaded files and analysis results are automatically deleted after 2 hours. You can also delete your data immediately using the 'Delete Now' button on the results page.

Is my analysis private?

Yes, absolutely. Each analysis is protected by a unique session token that's only stored in your browser. Only you can access your results, and even we cannot view them without your token.

Do you keep copies or backups of my apps?

No. We do not create any copies, backups, or archives of your applications. Files are stored temporarily during analysis only and are permanently deleted afterward.

What types of vulnerabilities can you detect?

Our static analysis scans for: insecure data storage, hardcoded secrets (API keys, passwords), weak encryption, dangerous permissions, code injection vulnerabilities, insecure network communication, and more.

Can I analyze apps I don't own?

No. You should only analyze applications you own or have explicit permission to test. Unauthorized analysis may violate laws and our Terms of Service.

How accurate is the analysis?

Our static analysis tools detect many common security issues, but they are not 100% comprehensive. We recommend combining our results with manual code review and dynamic testing for complete security assessment.

What file size limit do you support?

We support IPA files up to 500MB. Larger enterprise applications may need to be split or analyzed in parts.

Do you track users or use analytics?

No. We do not use cookies, tracking pixels, analytics scripts, or any third-party tracking technologies. Your activity on our site is completely private.

Can I use this for enterprise/commercial apps?

Yes! Our zero-retention policy makes us suitable for analyzing proprietary and confidential applications. Many security teams use our service for in-house app testing.

What happens after 2 hours?

After 2 hours, all data associated with your analysis (uploaded file, scan results, session tokens) is permanently deleted from our servers. The analysis ID becomes invalid and cannot be recovered.

Do you comply with GDPR/CCPA?

Yes. Our data minimization approach (automatic deletion, no user accounts, no tracking) exceeds the requirements of GDPR, CCPA, and similar privacy regulations.

Can I access my results from a different device?

No. Results are tied to the session token stored in your browser. This is a security feature to prevent unauthorized access. You must access results from the same browser that uploaded the file.

What if analysis fails or times out?

If analysis fails, you'll see an error message with details. The uploaded file is still automatically deleted. You can try uploading again. If problems persist, contact support@checkappsec.com

Do you support Android APK files?

Currently, we only support iOS IPA files. Android APK analysis is planned for a future release.

Is there an API for automated scanning?

Not yet, but we're considering an enterprise API for CI/CD pipeline integration. Contact us if you're interested in early access.

How do I report a security issue with your service?

We take security seriously. Please report any vulnerabilities to security@checkappsec.com. We'll respond within 24 hours.

Still have questions?

We're here to help! Reach out to our support team.

📧 support@checkappsec.com🔒 security@checkappsec.com
Privacy Policy•Terms of Service•Home