Play all

APPSEC EUROPE

Agenda

Common attack patterns

Clipboard (or memory) manipulation

Server vulnerability exploitation

How banks mitigate these risks?

Vuin examples (functional)

Vuln examples (non functional)

Transaction authorization best practices

make it trusted

overwrite data

business logic error

Trusted recipients Recommendations

Limit examples

Transaction limits - requirements

Notifications - requirements

USER AUTHENTICATION

Payment Services Directive (revised)

Strong Customer Authentication (SCA)

Payment Initiation Service

Account Information Service

Implementation errors - vulnerabilities

Precise requirements

OWASP to the rescue!

Internet banking - proposal

Description:

Explore common attack patterns and vulnerabilities in internet banking safeguards through this conference talk from AppSecEU 2016 in Rome. Delve into clipboard manipulation, server vulnerability exploitation, and how banks mitigate these risks. Examine functional and non-functional vulnerability examples, transaction authorization best practices, and recommendations for trusted recipients. Learn about transaction limits, notification requirements, and user authentication methods. Discuss the revised Payment Services Directive, Strong Customer Authentication, and implementation errors. Gain insights into precise requirements and OWASP's role in improving internet banking security.

Internet Banking Safeguards Vulnerabilities - AppSecEU 2016

OWASP Foundation

Add to list

#Information Security (InfoSec) #Cybersecurity #Business #Corporate Governance #Risk Management #Risk Mitigation #Vulnerability Assessment

0:00 / 0:00