Talk:Mobile Top 10 2016-Top 10

From OWASP
Jump to: navigation, search

Screen capture attack

Which category would the screen capture attack fall into?
We discovered that most of the mobile banking applications we examined do not use any protection mechanism to defeat the screenshot attacks. The experimental results of the Capture-Me attacks show the weakness of the (user id and password) as the only authentication mechanism used in many mobile banking applications. Our recommendation is that the mobile banking application should implement other authentication techniques such as the multi factor authentication in order to protect their users’ data and their system’s integrity.
http://espace.etsmtl.ca/1498/1/EL-SERNGAWY_Mohamed.pdf --Eelgheez (talk) 15:50, 29 March 2017 (CDT)