Thank you! Permissions granted.
Ed
On Mon, Jan 14, 2019 at 10:33 AM David Yahalomi <da...@articode.co> wrote:
> Thanks Ed!
>
> My confluence ID is davidyaha.
>
> Best,
> David
> ᐧ
>
> On Mon, Jan 14, 2019 at 7:51 PM Ed Cable <edca...@mifos.org> wrote:
>
> > Hi David,
> >
> > Sorry for the delayed reply. I for some reason did not see your email
> till
> > now. Thank you very much for weighing in and volunteering to document a
> > threats list. I too believe that is a good starting point and we might
> soon
> > have some others weighing in with their thoughts on the proper
> > architectural design.
> >
> > Sharing your knowledge in a both architecting a secure design in which
> to
> > connect via client/self-service A{Is as well as your recommendations on
> > deployment architecture are gladly appreciated.
> >
> > If you can share with me your confluence ID for the fineract confluence,
> I
> > will give you the proper permissions so you can create the suggested
> page.
> >
> > Thanks,
> >
> > Ed
> >
> > On Sun, Jan 6, 2019 at 2:34 AM David Yahalomi <da...@articode.co> wrote:
> >
> > > Hello Fineracters,
> > >
> > > *TL;DR*: Let's start with a threats list and discuss each threat on
> it's
> > > own and in composition.
> > >
> > > I'm David from Articode and I've recently started setting up a self
> > service
> > > fineract solution.
> > > In the past I've worked on developing a digital self service branch for
> > the
> > > 2nd biggest bank in Israel. Their core used T24 by the swiss company
> > > Temenos.
> > > I have recently been in contact with Ed and Fiter from the fineract
> > > community, and I was asked by Ed to chime in this thread.
> > >
> > > In my experience, making a secure self service mobile application has
> > many
> > > concerns and requirements but most of those are addressed in deployment
> > > architecture and the creation of a good audit and session management
> > tool.
> > >
> > > Is there a documented list of possible threats in having a self service
> > > mobile app?
> > >
> > > If not, I think it will be a great first step. I would gladly start one
> > on
> > > the confluence.
> > > Once curated, we can introduce various solutions to defend against any
> of
> > > those threats in various environments, but I think that the list is a
> > > mandatory step.
> > >
> > > Best,
> > > David
> > >
> >
> >
> > --
> > *Ed Cable*
> > President/CEO, Mifos Initiative
> > edca...@mifos.org | Skype: edcable | Mobile: +1.484.477.8649
> >
> > *Collectively Creating a World of 3 Billion Maries | *http://mifos.org
> > <http://facebook.com/mifos> <http://www.twitter.com/mifos>
> >
>
--
*Ed Cable*
President/CEO, Mifos Initiative
edca...@mifos.org | Skype: edcable | Mobile: +1.484.477.8649
*Collectively Creating a World of 3 Billion Maries | *http://mifos.org
<http://facebook.com/mifos> <http://www.twitter.com/mifos>
