I have a banking-domain mobile application. How do I implement security testing on that application?
I am not a security expert, but I think at least the things below should be tested:
1- Check that all services requested from the are encrypted, at least the login services, and if there is any payment or personal/company information.
2- Check if the app uses any physical files to store data in plain text.
3- If there is login, buying items, or any functionality that gives users more things, you should check if you can create fake requests.
4- Also try to test the middle man: use Fiddler to edit the requests/responses going through the app, and see whether that edit takes effect.
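
Point 2 above (data stored in plain-text files) can be checked on a copy of the app's data directory pulled from a test device. The following is an added example, not part of the original answer; the patterns, the 7.5 entropy threshold and the sample file names are assumptions constructed for illustration.

```python
import math, re
from pathlib import Path
# Illustrative patterns (assumptions, not an exhaustive list of sensitive data).
PAN_RE = re.compile(rb"\b(?:\d[ -]?){13,19}\b")
KEY_RE = re.compile(rb"(?i)\b(password|passwd|pin|token|secret)\b[\"']?\s*[:=]\s*[\"']?[^\s\"',;]{4,}")

def luhn_ok(digits):
    """Checksum used by payment card numbers; filters out random digit runs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch) * (2 if i % 2 else 1)
        total += d - 9 if d > 9 else d
    return total % 10 == 0

def entropy(data):
    """Shannon entropy in bits per byte; close to 8 means encrypted or compressed."""
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in map(data.count, set(data))) if n else 0.0

def scan_file(path):
    data = path.read_bytes()
    if entropy(data) > 7.5:  # assumed threshold: looks like ciphertext, skip it
        return []
    found = []
    for m in PAN_RE.finditer(data):
        digits = re.sub(rb"\D", b"", m.group()).decode()
        if luhn_ok(digits):
            found.append(("card_number", "*" * (len(digits) - 4) + digits[-4:]))
    # Report only the key name, never the stored value.
    found += [("credential", m.group(1).decode().lower()) for m in KEY_RE.finditer(data)]
    return found

def scan_tree(root):
    """Map relative path -> findings for every file under an extracted data dir."""
    root = Path(root)
    hits = {p.relative_to(root).as_posix(): scan_file(p) for p in sorted(root.rglob("*")) if p.is_file()}
    return {k: v for k, v in hits.items() if v}

def build_sample(root):
    files = {  # constructed sample data standing in for files pulled from a device
        "shared_prefs/session.json": b'{"user": "alice", "password": "hunter2pw"}',
        "files/card.txt": b"saved card: 4111 1111 1111 1111\n",
        "cache/order.txt": b"order=4111111111111112\n",   # fails Luhn, ignored
        "databases/vault.bin": bytes(range(256)) * 16,    # high entropy, skipped
    }
    for name, body in files.items():
        path = Path(root) / name
        path.parent.mkdir(parents=True, exist_ok=True)
        path.write_bytes(body)
```

Calling `build_sample(d)` on an empty directory and then `scan_tree(d)` reports the two plain-text files and leaves the high-entropy file and the non-card digit run unflagged.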