11.6 Hosting

11.6.1 Mobile API Hosting

  1. Security Audited APIs MUST be hosted in highly secure data centers equipped with firewalls and other security features.
  2. Hosting service provider MUST provide 24X7 accesses to APIs and backend databases.
  3. Appropriate disaster recovery site should be configured at different geographical location to avoid disruption of service in case of natural or manmade disasters.
  4. API hosting service provider should also provide technical support and help to the owner of the application.
  5. Adequate security measures must be built in the API to detect and discourage unauthorized use of the APIs.

11.6.2 Mobile App hosting

Apps are invariably hosted on the play stores of the target platform which have their own policies and guidelines. Play stores are public platforms and any user is allowed to upload app after paying a nominal fees to become a registered user. However for better visibility and access ensure that the app is uploaded through the official account of the API hosting service provider. Ensure compliance to target platforms policies.