Validating the Security of Mobile Authentication Apps

You are shifting through RFIs for a new mobile app based multi-factor authentication solution for your company. The vendors claim that their products are 100% secure and we all know that there's no such thing as a 100% secure solution, but it's marketing and you know how marketing sometimes goes overboard. How do you determine if the solution is actually fit for your appetite for risk? Can you be sure development time dev credentials have been cleaned up? Is the rooting detection any good? Does the app store plaintext credentials? Is it vulnerable or can someone build a scalable attack against the product you are about to acquire to protect your crown jewels? Let's take a look at different options out there and talk a little bit about what you can request from the vendors.

Event Recording

Validating the Security of Mobile Authentication Apps

Click here to watch the recording of this session. Please note that this video is only available to event participants and subscribers. You'll need to log in to watch it.

Presentation deck

Validating the Security of Mobile Authentication Apps

Click here to download the slide deck. Please note that downloads are only available for event participants and subscribers. You'll need to log in to download it.