[OWASP-cheat-sheets] Transaction Authorization Cheat Sheet

Wojciech Dworakowski wojciech.dworakowski at owasp.org
Fri Jan 8 11:29:58 UTC 2016


Updated version of Transaction Authorization Cheat Sheet:
https://www.owasp.org/index.php/Transaction_Authorization_Cheat_Sheet

The Purpose of this cheat sheet is to provide guidelines on how to securely
implement transaction authorization in electronic banking apps, to protect
it from being bypassed. These guidelines can be used by:

* Banks - to define functional and non-functional requirements for
transaction authorization.
* Developers – to design and implement transaction authorization without
vulnerabilities.
* Pentesters – to test for transaction authorization security.


Many thanks for all contributors who provided valuable feedback to this
version!

-- 
Wojciech Dworakowski
OWASP Poland Chapter Leader
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.owasp.org/pipermail/owasp-cheat-sheets/attachments/20160108/c41c43fb/attachment.html>


More information about the OWASP-cheat-sheets mailing list