security-testing


How we can implement security testing on banking domain mobile application?


I have one banking domain mobile application then how i will implement the security testing on that Application?
I am not a security expert but i thing at least the below things should be tested:
1- check that all services requested from the are encreptyed, at least the login services and if there is any payment or personal/company information.
2- check if the app uses any physical files to store data in a plain text.
3- if there is login/buying items/ or any functionality that gives users more things, you should check if you can create fake requests.
4- also try to test the middle man, use fiddler to edit the requests/ response going through the app, and would that edit take effect.

Related Links

How we can implement security testing on banking domain mobile application?
Is logout option needed for a desktop application
Paros Proxy detailed tutorials

Categories

HOME
cakephp
log4j
wso2
reflection
mfc
lodash
bpmn
react-redux
frameworks
baqend
ezpublish
uber-api
append
rascal
modx-revolution
modelica
postgres-xl
phaser
fallback
dynamics-crm-online
designer
pythonanywhere
nhibernate-envers
lucene.net
excel-2007
realex-payments-api
hammerspoon
chromebook
phpfox
ejabberd-module
log4js-node
compatibility
quote
delicious-api
gsoap
nat
phonegap
google-sites-2016
typed.js
repo
http-referer
mapbox-gl
jmonkeyengine
simplexml
restlet
jquery-bootgrid
space-complexity
code-search-engine
sharefile
lumberjack
nomethoderror
estimote
mime
flashair
websphere-mq-fte
executenonquery
flickr-api
upstart
pubmed
clean-architecture
integrity
idisposable
statsd
drupal-6
carrot
csound
lift-json
sqlbulkcopy
spring-mongodb
webdriverjs
account-kit
vtigercrm
quartz-composer
pycaffe
migradoc
objective-c-swift-bridge
wdf
url-pattern
nxt
py2app
fputcsv
teamcity-8.0
purge
security-testing
processmodel
sonarqube5.1.2
proj4js
streambase
rdtsc
internet-connection
php-5.4
elliptic-curve
jquery-layout
app42
mcts
html5-notifications
prettify
terminal-services
mysqltuner
farseer
dir
eventlistener
free-variable
isnullorempty
window-management
spyware
xdomainrequest
appendto
pyinotify
sql-server-profiler
jmock
dbal
post-build

Resources

Mobile Apps Dev
Database Users
javascript
java
csharp
php
android
MS Developer
developer works
python
ios
c
html
jquery
RDBMS discuss
Cloud Virtualization
Database Dev&Adm
javascript
java
csharp
php
python
android
jquery
ruby
ios
html
Mobile App
Mobile App
Mobile App