• 3.2 Use SECURE Setting For Cookies
• 3.5 Limit Use of UUID
• 3.7 Institute Local Session Timeout
• 3.10 Hide Account Numbers and Use Tokens
• 3.13 Avoid Storing App Data in Backups