zoukankan      html  css  js  c++  java
  • Electronic Payment App analysis

    Electronic Payment App is getting more and more popular now. People don't have to bring credit cards any more. All they need to do is using their smartphones and they could go shopping, check bills and dining in restaurants. It very convenient but some security issue occurs.

    People like fancy interface Apps and they may not know how secure those Apps are. It's developers' responsibility to keep credential data safe and sound. But guess what??? Boss don't want extra costs for developers writing more secure Apps. Fancy interface is more important than security. No need to waste time and efforts for security.

    Let's take a look at some Electronic Payment App and see how secure it is.

    Extract the package folder of allPay from a smartphone and take a look at shared preference files.

    To my surprise that login accout is stored in share preference xml files. Poor lazy developers~ At least you should hash or encrypt those credential data such as account or phone numbers or e-mail.

    Don't get me wrong. I'm not trying to say this Electronic Payment App is not secure enough. Actually allPay is doing well on security such as Certificate Pinning and so on. We cannot emphasize too much the importance of secuirty.

  • 相关阅读:
    1028 List Sorting (25分)
    CSS通用样式类讲解
    异常处理机制
    修饰符及接口和内部类
    用python实现基础的数据类型
    类属性和实例化属性
    命名空间和作用域
    python super()函数有无参数的调用
    编写html页面常常犯的错误
    多态
  • 原文地址:https://www.cnblogs.com/pieces0310/p/5927251.html
Copyright © 2011-2022 走看看