THE U.S. FINTECH SYMPOSIUM
  • HOME
  • USFS 2023
    • Conference Agenda
    • Conference Speakers
    • Date, Location & Venue
    • Networking Events
    • Conference App
    • Conference News
    • Call for Speakers
  • SPONSOR
    • Sponsorships Opportunities
    • Registrant List & Statistics
    • Sponsorship ROI
    • Let's Talk!
  • REGISTER
  • MORE INFO
    • Marketing Partnerships
    • Volunteer Opportunities >
      • Steering Committee
      • Student Volunteering
    • Conference Organizers
    • Fintech Presentations
    • Memberships >
      • MEMBER SIGN-IN
      • Speaker Interviews
      • 2022 - Presentations
      • 2021 - Presentations
      • 2019 - Presentations
      • 2018 - Presenations
    • Photo Gallery
    • Contact Us

In Plain Sight: The Insecurities of Mobile Financial Apps

Alissa Knight - The US Fintech Symposium

​Presentation Date & Time:
September 16th at 1:30 PM
​
Presenter Information:
Name: Alissa Knight
Organization: Aite Group
Title: Senior Analyst
​
Presentation Description:
I recently completed vulnerability research of 30 different mobile apps across all of the financial services sectors to include retail banking, credit card, mobile payment, crypto-currency, Health Savings Accounts, retail brokerage, health insurers, and auto insurance apps. The research was performed over a 6 week period.

In this research, the mobile applications were decompiled, meaning we reversed the app back to its original source code to assess vulnerabilities. When an app is capable of being decompiled, it provides the adversary access to sensitive information inside the source code, such as API keys; API secrets; URLs that the app communicates with, which would allow an adversary to then target the APIs of the backend servers; recompile it to insert malware for later redistribution; and an understanding of how detections are being performed to identify a jail broken/rooted phone so they can circumvent those checks and disable mandatory code signing and sandboxing.

The findings that will be presented in my talk are deeply troubling and staggering. Every audience member will walk away with something from this presentation, from CISOs who will want an immediate static and dynamic code analysis and hardening of their own mobile app to ensure they don’t suffer from these vulnerabilities to the developers writing the code who will want to learn how to write more secure/hardened code. 

Alissa Knight Biography

Alissa Knight is a twenty-year veteran of the cybersecurity industry with expertise over the last two decades in penetration testing, incident response and forensics, and penetration testing of connected cars. Alissa is a published author, having published the first book on hacking connected cars through Wiley. She is also a serial entrepreneur with two successful M&A exits under her belt to public companies in international markets. Alissa spent much of her career as a vulnerability researcher, publishing the first vulnerability on hacking VPNs and speaking on it at Blackhat Briefings in 2001.
 
Today, Alissa has reinvented herself as a full-time writer, influencer, and industry analyst, focusing her research into the cybersecurity issues impacting the financial services, healthcare, and fintech industries that matter to CISOs globally. Through her assessment of sector trends, creation of segment taxonomies, market sizing, preparation of forecasts, and developing industry models, Alissa provides these industries a combination of syndicated and bespoke market research, competitive intelligence, and consulting services in the cybersecurity market through unbiased, objective and accurate research.
Fintech Symposium Arrow
Fintech Symposium Registration Arrow
Register Now
Home
Agenda
Call for Speakers

Conference Venue
Digital Membership
Speaker Interviews
Photo Gallery

Job Openings
Volunteering
Partnering
Contact Us
Registration
Sponsorships
​Conference News
Terms & Conditions   
The U.S. Fintech Symposium is ​Produced by TreaSolution, Inc.
© Copyright 2023
TreaSolution, Inc.  All Rights Reserved.

  • HOME
  • USFS 2023
    • Conference Agenda
    • Conference Speakers
    • Date, Location & Venue
    • Networking Events
    • Conference App
    • Conference News
    • Call for Speakers
  • SPONSOR
    • Sponsorships Opportunities
    • Registrant List & Statistics
    • Sponsorship ROI
    • Let's Talk!
  • REGISTER
  • MORE INFO
    • Marketing Partnerships
    • Volunteer Opportunities >
      • Steering Committee
      • Student Volunteering
    • Conference Organizers
    • Fintech Presentations
    • Memberships >
      • MEMBER SIGN-IN
      • Speaker Interviews
      • 2022 - Presentations
      • 2021 - Presentations
      • 2019 - Presentations
      • 2018 - Presenations
    • Photo Gallery
    • Contact Us