Home page logo

webappsec logo WebApp Sec mailing list archives

RE: Internet based banking applications security
From: "Griffiths, Ian" <Ian.Griffiths () liv-coll ac uk>
Date: Wed, 12 May 2004 09:31:55 +0100

I'd guess that a major issue at the moment is users being fooled in to entering their details in to a nefarious web 
application which looks authentic but of course is not.  I'm not sure if discussion of this would be beyond the scope 
of the list.

        -----Original Message----- 
        From: Amit Sharma [mailto:amit.sharma () linuxwaves com] 
        Sent: Wed 12/05/2004 03:39 
        To: webappsec () securityfocus com 
        Subject: Internet based banking applications security

        Hi List,
        I have been auditing a local Internet Bank's website in my area for a while now.
        OWASP and this mailing list provides excellant resource for looking at web apps security from a technical 
perspective; SQL injections, cross-site issues and like wise.
        However, am sure there are domain specific security issues including social engineering, audit trail ones, 
outsourcing control requirements etc, into core of these web applications and developing an insight would improve 
security tremendously. Typical applications that now have web front end include balance inquiry, funds transfer, bill 
payment, transaction information, loan application.
        Any directions will be welkome.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]