Signing Into One Billion Mobile App Accounts Effortlessly with OAuth2.0
Description:
Explore the vulnerabilities in the OAuth2.0 protocol when it is used for mobile app authentication in this 24-minute Black Hat conference talk. Delve into how the protocol, originally designed for website authorization, has been adapted for Single-Sign-On services by major Identity Providers (IdPs). Discover the security implications and potential risks associated with this widespread implementation. Learn from speakers Ronghai Yang and Wing Cheong Lau as they uncover the challenges of applying OAuth2.0 to mobile app ecosystems and discuss the impact on potentially billions of user accounts.