Back To Schedule
Wednesday, October 9 • 11:00am - 11:50am
PRO WORKSHOP (API): Devil in the Details: An API Vulnerability Analysis Campaign Across Financial Services Mobile Apps

Sign up or log in to save this to your schedule, view media, leave feedback and see who's attending!

Feedback form is now closed.
Mobile apps create a monumental assailable attack surface for financial services companies that few of them, if any, are paying attention to. In this session, learn how attackers are exploiting APIs first by the sensitive data found in mobile apps in a range of exploits against financial institutions or their customers – including account takeovers, synthetic identity fraud, credit application fraud, identity theft, gift card cracking, credential stuffing, reward program abuse, and money laundering.

This session details 11 different categories of vulnerabilities in financial services mobile apps (and which types of finance organizations are the greatest offenders when it comes to releasing vulnerable code). Development teams, chief information security officers, chief privacy officers, chief risk officers, and other senior business leaders in finance will leave better-informed on the threats to their mobile apps, APIs, and how they can respond to these threats today through the findings in this vulnerability research.

Trailer video: https://youtu.be/9PoBf054v0A

API World 2019 Speakers
avatar for Alissa Knight

Alissa Knight

Senior Analyst, Aite Group
Alissa Knight is a 20-year veteran in cybersecurity as a penetration tester and vulnerability researcher. More recently, she spent several years in Europe performing penetration testing of connected vehicles and is a published author having recently published a new book on hacking... Read More →

Wednesday October 9, 2019 11:00am - 11:50am PDT
API World -- Workshop Stage B