dc.contributor.advisor | Gopinath, K | |
dc.contributor.advisor | Ganapathy, Vinod | |
dc.contributor.author | Agrawal, Nikhil | |
dc.date.accessioned | 2022-09-20T10:28:19Z | |
dc.date.available | 2022-09-20T10:28:19Z | |
dc.date.submitted | 2022 | |
dc.identifier.uri | https://etd.iisc.ac.in/handle/2005/5860 | |
dc.description.abstract | This thesis concerns the robustness of security checks in financial mobile applications (or simply
financial apps). The best practices recommended by OWASP for developing such apps demand
that developers include several checks in these apps, such as detection of running on a rooted
device, certificate checks, and so on. Ideally, these checks must be introduced in a sophisticated
way, and must not be locatable through trivial static analysis, so that attackers cannot bypass
them trivially. In this thesis, we conduct a large-scale study focused on financial apps on the
Android platform and determine the robustness of these checks. Our study shows that among
the apps with at least one security check, in > 50% of such apps at least one check can be trivially
bypassed. Some of the financial apps we considered have installation counts exceeding 100
million from Google Play. We believe that the results of our study can guide developers of these
apps in inserting security checks in a more robust fashion. | en_US |
dc.description.sponsorship | Department of Science and Technology, Govt. of India. | en_US |
dc.language.iso | en_US | en_US |
dc.rights | I grant Indian Institute of Science the right to archive and to make available my thesis or dissertation in whole or in part in all forms of media, now or hereafter known. I retain all proprietary rights, such as patent rights. I also retain the right to use in future works (such as articles or books) all or part of this thesis or dissertation | en_US |
dc.subject | Financial Apps | en_US |
dc.subject | Android | en_US |
dc.subject | Reverse Engineering | en_US |
dc.subject | OWASP | en_US |
dc.subject | Large-scale study | en_US |
dc.subject.classification | Research Subject Categories::TECHNOLOGY::Information technology::Computer science::Computer science | en_US |
dc.title | An Evaluation of Basic Protection Mechanisms in Financial Apps on Mobile Devices | en_US |
dc.type | Thesis | en_US |
dc.degree.name | MTech (Res) | en_US |
dc.degree.level | Masters | en_US |
dc.degree.grantor | Indian Institute of Science | en_US |
dc.degree.discipline | Engineering | en_US |