Let’s Talk More About Virtualisation and Sandboxes

Share this post

In one of our first posts, we dove into the basic background of containers, virtualisation and sandboxes. We covered how these are three of the most common terms used when talking about general computer security and mobile security, with all three being used to protect mobile applications. But what more can we learn? Let’s take a deeper look.

Virtualisation provides an abstraction over the physical hardware layer for an Operating System (OS). This abstraction allows any OS to run other OSes as guests on the same hardware. This abstraction also provides a separate environment for an application. While you can share files and peripheral devices between the main and guest OS, the guest OS will mostly be isolated from the main OS. In other words, users created on the guest OS and applications installed on the guest OS will not be available on the main OS. This flexibility of abstracting the hardware makes it possible to run more than one guest OS using the same hardware.

In addition, it allows us to take and store snapshots of the guest OS operation at any point in time when in similar environments also running the virtualisation software. Doing so makes the deployment of software and its dependencies far more manageable than installing all of them manually on many physical devices. One can also efficiently run different applications built for other OSes on a singular OS, regardless of the version or type of main OS. In this scenario, an application running in guest OS A cannot interfere with an application running on guest OS B

What is an application sandbox?

The term sandbox refers to an environment that has been created for the sole purpose of providing a safe place for testing, auditing, or analysing without interference from other similar production environments. This form of isolation – or sandboxing – is most common on server deployments. A typical example of this is the Apple push notification service sandbox.

On the other hand, the term sandbox could also refer to an isolated process running in an OS environment, shielded from other processes running in the same OS. When I say “shielded”, I mean that process B cannot interfere with process A’s execution and allocated resources or even communicate with process A without going through the device’s OS/kernel. This form of isolation on the OS level can be called “process sandboxing”.

Why are sandboxes and virtualisation important in software?

I have now outlined some common ways to isolate software and application processes from one another. But did you know that the benefit of securely isolating an unrelated aspect of a software process from others has had a significant impact on the quality of software one can develop?

The following paragraphs will outline some of the benefits of the sandboxing and isolation technique.

To continue reading this blog post, head on over to the Okay website where we dive further into sandboxes, security breaches, and how it all connects to SCA. 

Article by Okay

More To Explore


Merchant Community Membership

Are you a member of The Payments Association?

Member benefits include free tickets, discounts to more tickets, elevated brand visibility and more. Sign in to book tickets and find out more.


Log in to access complimentary passes or discounts and access exclusive content as part of your membership. An auto-login link will be sent directly to your email.

Having trouble signing?

We use an auto-login link to ensure optimum security for your members hub. Simply enter your professional work e-mail address into the input area and you’ll receive a link to directly access your account.

First things first

Have you set up your Member account yet? If not, click here to do so.

Still not receiving your auto-login link?

Instead of using passwords, we e-mail you a link to log in to the site. This allows us to automatically verify you and apply member benefits based on your e-mail domain name.

Please click the button below which relates to the issue you’re having.

I didn't receive an e-mail

Tip: Check your spam

Sometimes our e-mails end up in spam. Make sure to check your spam folder for e-mails from The Payments Association

Tip: Check “other” tabs

Most modern e-mail clients now separate e-mails into different tabs. For example, Outlook has an “Other” tab, and Gmail has tabs for different types of e-mails, such as promotional.

Tip: Click the link within 60 minutes

For security reasons the link will expire after 60 minutes. Try submitting the login form again and wait a few seconds for the e-mail to arrive.

Tip: Only click once

The link will only work one time – once it’s been clicked, the link won’t log you in again. Instead, you’ll need to go back to the login screen and generate a new link.

Tip: Delete old login e-mails

Make sure you’re clicking the link on the most recent e-mail that’s been sent to you. We recommend deleting the e-mail once you’ve clicked the link.

Tip: Check your security policies

Some security systems will automatically click on links in e-mails to check for phishing, malware, viruses and other malicious threats. If these have been clicked, it won’t work when you try to click on the link.

Need to change your e-mail address?

For security reasons, e-mail address changes can only be complete by your Member Engagement Manager. Please contact the team directly for further help.

Still got a question?