This site is the archived OWASP Foundation Wiki and is no longer accepting Account Requests.
To view the new OWASP Foundation website, please visit https://owasp.org

Talk:Mobile Top 10 2016-Top 10

From OWASP
Revision as of 20:50, 29 March 2017 by Eelgheez (talk | contribs) (+screen capture attack)

(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to: navigation, search

Screen capture attack

Which category would the screen capture attack fall into?
We discovered that most of the mobile banking applications we examined do not use any protection mechanism to defeat the screenshot attacks. The experimental results of the Capture-Me attacks show the weakness of the (user id and password) as the only authentication mechanism used in many mobile banking applications. Our recommendation is that the mobile banking application should implement other authentication techniques such as the multi factor authentication in order to protect their users’ data and their system’s integrity.
http://espace.etsmtl.ca/1498/1/EL-SERNGAWY_Mohamed.pdf --Eelgheez (talk) 15:50, 29 March 2017 (CDT)