登录查看更多内容

Web Application Authentication Risks

Sajid Pervez

Security Architecture | Security Engineering | AppSec

发布日期: 2015年8月19日

Most of the web applications (even in financial landscape) uses what we call "Front Door Authentication". Users are not bothered again (read re-authenticated) if their is something wrong going on with their usage behaviour.

Continuous Authentication becomes really important if the risk associated with broken authentication scheme has high impact for your business.

Solution: A multi-factor authentication scheme which uses out-of-band channel for 2nd factor authentication based on user behaviour will come to rescue in such a situation.

Google, Facebook, LinkedIn and many other social apps have started offering similar functionalities which is positive sign for growth in this domain.

要查看或添加评论，请登录

Sajid Pervez的更多文章

Dawn of API-first Design

2016年9月19日

Dawn of API-first Design

Our lives are full of devices and they seems to be invading our lives in meaningful ways. With so many devices all…
Key Management is a Pain

2016年8月31日

Key Management is a Pain

Key management is always something of prime interest to clients whenever they are being offered a solution which…

5 条评论
Crypto and Mobile Apps - A good way to go

2015年9月29日

Crypto and Mobile Apps - A good way to go

Cryptography and its implementation in applications has always been a challenge for developers which even gets harder…
Risk based authentication reduces fraud and boosts e-commerce

2015年9月11日

Risk based authentication reduces fraud and boosts e-commerce

Banks (Issuers) have started using the Risk based Authentication (RBA) with Visa 3D secure and MC Secure Code…
Mobile PKI maturing into Payments

2015年9月10日

Mobile PKI maturing into Payments

We have seen a couple of ways pushing PKI into mobile space. It perhaps started with using mobile sim cards and secure…
Internet of Things (IoT): A new life to PKI

2015年9月5日

Internet of Things (IoT): A new life to PKI

I think PKI came into commercial market a bit earlier than its time. However, the early entry has helped the technology…
Configuring SSL, PGP, SSH and cryptographic tools in post-Snowden age

2015年8月17日

Configuring SSL, PGP, SSH and cryptographic tools in post-Snowden age

https://bettercrypto.org/static/applied-crypto-hardening.

See all articles

社区洞察

Software Testing

How can you ensure mobile apps are tested for performance on slow networks?

Web Application Authentication Risks

Sajid Pervez

Security Architecture | Security Engineering | AppSec

Sajid Pervez的更多文章

社区洞察

其他会员也浏览了

App access checker for model-driven apps

WhatsApp Secret Code: Users Can Lock Chats Securely On Web, Here's How to Use It

LinkedIn Would Like To Do What?

Five upcoming features coming in Q1 2023!

How Much Info Do You Leak Through Browsing?

Decoy Effect

Browser support

Top 5 Low Severity Issues

On the Spot! version 6.4 is available

How to increase the speed of your internet browser

Sajid Pervez的更多文章

Dawn of API-first Design

Key Management is a Pain

Crypto and Mobile Apps - A good way to go

Risk based authentication reduces fraud and boosts e-commerce

Mobile PKI maturing into Payments

Internet of Things (IoT): A new life to PKI

Configuring SSL, PGP, SSH and cryptographic tools in post-Snowden age

社区洞察

其他会员也浏览了

App access checker for model-driven apps

WhatsApp Secret Code: Users Can Lock Chats Securely On Web, Here's How to Use It

LinkedIn Would Like To Do What?

Five upcoming features coming in Q1 2023!

How Much Info Do You Leak Through Browsing?

Decoy Effect

Browser support

Top 5 Low Severity Issues

On the Spot! version 6.4 is available

How to increase the speed of your internet browser