zoukankan      html  css  js  c++  java
  • Electronic Payment App analysis

    Electronic Payment App is getting more and more popular now. People don't have to bring credit cards any more. All they need to do is using their smartphones and they could go shopping, check bills and dining in restaurants. It very convenient but some security issue occurs.

    People like fancy interface Apps and they may not know how secure those Apps are. It's developers' responsibility to keep credential data safe and sound. But guess what??? Boss don't want extra costs for developers writing more secure Apps. Fancy interface is more important than security. No need to waste time and efforts for security.

    Let's take a look at some Electronic Payment App and see how secure it is.

    Extract the package folder of allPay from a smartphone and take a look at shared preference files.

    To my surprise that login accout is stored in share preference xml files. Poor lazy developers~ At least you should hash or encrypt those credential data such as account or phone numbers or e-mail.

    Don't get me wrong. I'm not trying to say this Electronic Payment App is not secure enough. Actually allPay is doing well on security such as Certificate Pinning and so on. We cannot emphasize too much the importance of secuirty.

  • 相关阅读:
    ftell
    diff
    继承
    类的组合
    拷贝构造函数
    内存管理
    Hibernate学习-Hibernate查询语言HQL
    JAVA解析JSON数据
    Android异步加载
    Android数据存储-文件操作
  • 原文地址:https://www.cnblogs.com/pieces0310/p/5927251.html
Copyright © 2011-2022 走看看