On 2015-02-16 07:48, Florian Bösch wrote:
On Sun, Feb 15, 2015 at 10:59 PM, Jeffrey Walton <noloa...@gmail.com 
<mailto:noloa...@gmail.com>> wrote:

    For the second point, and as a security architect, I regularly reject
    browser-based apps that operate on medium and high value data because
    we can't place the security controls needed to handle the data. The
    browser based apps are fine for low value data.

I'm not sure what "high value data" is. But I'm fairly sure that just about any 
e-banking solution in existence is browser based.

Unfortunately this is wrong and is why I started this thread. Mobile banking applications 
in Europe are usually featured as "Apps".
This has multiple reasons; one is that there's no way to deal with client-side 
PKI and secure key storage in the mobile web.

So I'm guessing your definition of "high value data" doesn't include banking 
access. You work for the NSA? Oh snap, the high value data just walked out there on a USB 



Reply via email to