Thanks Ed! My confluence ID is davidyaha.
Best, David ᐧ On Mon, Jan 14, 2019 at 7:51 PM Ed Cable <[email protected]> wrote: > Hi David, > > Sorry for the delayed reply. I for some reason did not see your email till > now. Thank you very much for weighing in and volunteering to document a > threats list. I too believe that is a good starting point and we might soon > have some others weighing in with their thoughts on the proper > architectural design. > > Sharing your knowledge in a both architecting a secure design in which to > connect via client/self-service A{Is as well as your recommendations on > deployment architecture are gladly appreciated. > > If you can share with me your confluence ID for the fineract confluence, I > will give you the proper permissions so you can create the suggested page. > > Thanks, > > Ed > > On Sun, Jan 6, 2019 at 2:34 AM David Yahalomi <[email protected]> wrote: > > > Hello Fineracters, > > > > *TL;DR*: Let's start with a threats list and discuss each threat on it's > > own and in composition. > > > > I'm David from Articode and I've recently started setting up a self > service > > fineract solution. > > In the past I've worked on developing a digital self service branch for > the > > 2nd biggest bank in Israel. Their core used T24 by the swiss company > > Temenos. > > I have recently been in contact with Ed and Fiter from the fineract > > community, and I was asked by Ed to chime in this thread. > > > > In my experience, making a secure self service mobile application has > many > > concerns and requirements but most of those are addressed in deployment > > architecture and the creation of a good audit and session management > tool. > > > > Is there a documented list of possible threats in having a self service > > mobile app? > > > > If not, I think it will be a great first step. I would gladly start one > on > > the confluence. > > Once curated, we can introduce various solutions to defend against any of > > those threats in various environments, but I think that the list is a > > mandatory step. > > > > Best, > > David > > > > > -- > *Ed Cable* > President/CEO, Mifos Initiative > [email protected] | Skype: edcable | Mobile: +1.484.477.8649 > > *Collectively Creating a World of 3 Billion Maries | *http://mifos.org > <http://facebook.com/mifos> <http://www.twitter.com/mifos> >
