Software Development Kit (SDK) is a set of related documents, examples, and tools to assist in the development of a certain type of application software. SDK can improve the convenience of development and reduce unnecessary costs, but there are also more risky issues. Security vulnerabilities in the SDK's architecture will have great security and business impact on the host APP. BCTC protects consumer information in an all-round way through security evaluation and risk monitoring and provides security solutions to institutional customers for using SDK.

BCTC helps to complete SDK security verification through the following test methods.

1. Code Vulnerability Scanning. Security coding vulnerabilities in the SDK can be found through automated vulnerability scanning. Once the vulnerability rules are matched, the report can locate the vulnerability accurately and directly. BCTC can provide corresponding security solutions to risk vulnerability.

2. Data Flow Monitoring. Through continuous data flow monitoring, it is possible to monitor all the outbound traffic of the SDK, and then determine whether there is a private server, or the SDK sends data in violation of regulations and many other risk issues. The malicious code in the SDK can be precisely located.

3. Personal Information Collection Monitoring. Through the monitoring of permission calls and the analysis of transmission data, it is possible to monitor what information the SDK collects and what information is sent, and then determine whether the SDK has risk problems such as excessive collection, silent collection, and frequent collection. For monitoring illegal collection behaviors, malicious collection code can be located.