How to develop more secure applications for app-developers?
Security in banking apps is of the utmost importance, and using the current banking mobile apps just makes me feel insecure. The amount of security provided by banking apps is really small in comparison to the reward there is in hacking those apps. So I decided to put out this article, which consists of three points that I devised to enhance the level of security of the application, and any developer can use these tips to make their application more secure. These three points are proofs of concept for enhancing security while barely compromising ease of use for the users.
So first we need to understand the requirement of the project, which was to enhance the security of the application by making extremely slight changes to the app, so that the user experience is barely modified while the security is still enhanced multifold.
For this, we need to understand the extent of the technology that is presently available to most consumers, whether a rural farmer or an urban businessman, and how we can use it to add extra security features.
I came up with three points that on first read don’t even seem to be a big deal, and most of us accept them as default. But keep in mind that these features on the payment app are to be used not only by tech geeks but also by those who can barely operate a smartphone.
Idea 1 - Triple Layer Security (During the start of any transaction)
The idea here is that I am trying to integrate three layers of security instead of using the typical single step that just requires us to enter a 4-digit PIN.
These are the steps that need to be carried out whenever a transaction is being initiated, so that we can make sure the person who is initiating the transaction is the legitimate person. Now that we have made our whole bank accounts accessible from our phones, we need to ensure that our accounts are safe even when they are in the hands of people we don’t trust.
Idea 2 - Advance OTP (During the OTP verification process)
Here I am trying to enhance the level of security by designing a new type of OTP verification process.
With this process, theft and transactions by unknown parties can be brought to a complete halt: we have already made it extremely hard for them to start the transaction process, and introducing the advance OTP check makes it exponentially harder for someone to bypass these security checks.
Idea 3 - Grid transaction (Authentication during offline transactions)
Internet is still not available in a huge part of India, at least not blazing-fast internet, and for that reason we have seen Google introduce an offline payment system to increase their reach. But there is a severe need to enhance the security of the offline transactions that are taking place.
In this way the offline transaction process can be made easy, as the person using it can generate this set of digits any time they require. It also enhances security, because to create these keys they need to pass various security checks to properly authenticate themselves before making the transaction.
Get, Set, Secure!
I want all developers to focus on the security aspect of their applications and design them with security at the forefront, not treat it as an afterthought. Developers who need more clarity regarding these ideas can feel free to connect with me. I can give them an in-detail explanation of how to implement these features and tweak them according to their needs, and make the world a better and more secure place to be in.
If you enjoyed it, please do clap, and let’s collaborate. Get, Set, Hack!
Telegram : https://t.me/aditya12anand
Twitter : twitter.com/aditya12anand
LinkedIn : linkedin.com/in/aditya12anand/