Overview › Security · A11y · Licenses (iOS)

Security · A11y · Licenses (iOS)

iOS-specific report.

Source: codebase scan · 2026-05-07

Executive summary

Strong baseline (cert pinning, Keychain, passkey, SecRandomCopyBytes). Gaps: ATS exception in NSE, App Privacy Manifest verification, no FLAG_SECURE-equivalent on sensitive screens, accessibility WCAG 2.2 conformance is poor.

Security controls matrix

Control	Status	Evidence
HTTPS-only	PARTIAL	NSE has NSAllowsArbitraryLoads = true
Cert pinning (Alamofire / URLSession)	PRESENT	CostcoServerTrustManager
Keychain	PRESENT	Storage SPM wrapper
Passkey (FIDO2)	PRESENT	NokNok PasskeyManagerKit
Device intelligence	PRESENT	ThreatMetrixKit
Secure random	PRESENT	SecRandomCopyBytes in OIDC helper
App Privacy Manifest	VERIFY	Required since 2024
Jailbreak detection	ABSENT	Plan + opt-in for sensitive flows
Screen capture block on sensitive screens	ABSENT	Privacy overlay on background
Insecure logging (print)	REVIEW	30+ print() statements
WKWebView lockdown	REVIEW	evaluateJavaScript audit; allow-list domains
NowSecure CI scan	PRESENT	azure-pipeline-nowsecure.yml

WCAG 2.2 conformance (iOS)

Criterion	Status
1.1.1 Non-text content	PARTIAL
1.3.1 Info and relationships	PARTIAL
1.4.3 Contrast	FAIL
1.4.4 Resize text (Dynamic Type)	FAIL
2.4.7 Focus visible	PARTIAL
2.5.5 Target size (44pt)	FAIL
4.1.2 Name, role, value	PARTIAL

Open-source / vendor licenses

Apple / MIT / BSD — swift-algorithms, SnapshotTesting, iOSSnapshotTestCase
Apache 2.0 — most CocoaPods libraries
Custom Costco fork — RZVinyl, RZTransitions (formerly Raizlabs)
Commercial — Adobe Marketing Cloud, Contentstack, NokNok, ThreatMetrix

Findings

CRITICAL

WCAG conformance gaps

Three FAILs (contrast, Dynamic Type, target size).

Recommendation: Adopt UIFont.preferredFont, contrast validation in design tokens, custom .minimumTapTarget() modifier.

HIGH

NSAllowsArbitraryLoads in NSE

Replace with NSExceptionDomains.

Costco iOS · Code Review Report · Generated 2026-05-07 · 88 machine-curated findings