Digital payment security: Architecture guide
Building secure digital wallets is a challenge when it comes to balancing between convenience and security. How can we build secure payment solutions that meet the needs of fintech users and effectively protect their assets?
How to prevent digital wallet fraud
Understanding digital wallet fraud is critical for designing and integrating an effective anti-fraud solution. Read about security events, risk models, remote device attestation, user authentication, KYC, trade-offs, and many more.
Exploring security vulnerabilities in NFC digital wallets
NFC-based devices, such as mobile digital wallets, contactless smart cards, and security keys (hardware authentication devices), are exposing users to NFC vulnerabilities in encryption, replay and side-channel attacks.
Smart contract security audit: tips & tricks
Smart contract security audit is very different from traditional application security audit. Smart contracts are immutable, they interact with each other and transfer user funds between accounts. Unique threat landscape brings unique challenges.
Transparent data encryption for SQL databases with Acra 0.93
Fully transparent encryption of sensitive fields is possible with open source Acra 0.93 release. Acra works on SQL protocol level, hiding details from developers and reducing encryption integration cost. Learn how it works under the hood.
Introduction to automated security testing
Keep your code shipshape and reduce vulnerabilities with automated security testing. Delve into ways and tools of software security testing that developers and platform engineers can set up and automate to make apps more secure.
Cryptographic failures in RF encryption allow stealing robotic devices
Stunned by losing their robotic devices, [REDACTED] learnt that they were hijacked by attackers even with communication being encrypted. Having researched its firmware and found numerous cryptographic failures, we've crafted a few demos on how cryptography goes wrong in real life.
RepoMetaScore: evaluating supply chain risks of open-source repositories
Releasing RepoMetaScore (repository metadata scoring): a dependency checking tool that analyzes metadata of open-source project, including commit history and contributors’ background. RepoMetaScore calculates risk rating, makes supply chain risks visible and prevents weaponizing OSS.
Cossack Labs stands on guard for security of Ukrainian companies
Cossack Labs stands with Ukraine and offers free security assessment and engineering services for Ukrainian companies to improve country protection and resilience.
React Native libraries: Security considerations
How to select a secure React Native library for your app. Sort out improper platform usage, easy to misuse API, deprecated and abandoned libraries – check our research of the React Native ecosystem security.