Page 12 - FIGI: Security audit of various DFS applications

HTTPS traffic is encrypted. While there are other ways to encrypt traffic, HTTPS is the standard way for communication between apps and servers. If data is transferred over HTTP or other non-encrypted protocols, then it could easily be intercepted or even modified by an attacker.

b) T3.2 Application should detect Machine-in-the-Middle attacks with untrusted certificates:
   When running the traffic through a machine-in-the-middle (MITM) proxy that does not own a trusted certificate for the server of the app, the app should refuse the connection.
   MITM proxies can be used to intercept HTTPS traffic, decrypt it for inspection and modification, and then re-encrypt it before sending it off to the intended server. A typical attacker does not own valid certificates for the destination server; thus the app should detect that the certificate of the proxy is not signed by a trusted authority. If the app does not check the validity of the certificate, an attacker can intercept and modify the traffic.

c) T3.3 Application should detect Machine-in-the-Middle attacks with trusted certificates:
   When running the traffic through a machine-in-the-middle (MITM) proxy that uses a certificate signed by a CA that is trusted by the smartphone, the app should refuse the connection.
   Different situations can arise where the operator of the proxy is able to generate certificates that are trusted by the phone. The operator can be a CA operator (e.g., a government), the operator may be a company that has installed its root certificate on the phones of the company, or the root certificate may have been installed by hand by the user or an attacker. The application can protect itself against this type of attack by doing root pinning. This means that the app knows which CA is expected to sign the server certificate and it will refuse certificates signed by other CAs, even if these CAs are trusted. Executing this test usually requires rooting of the phone to be able to install a root certificate.
   If the application does not apply certificate pinning, then traffic could be intercepted by governments or by attackers having succeeded in hacking one of the many trusted root CAs.

d) T3.4 App manifest should not allow clear text traffic:
   Using clear text traffic is disabled by default on Android 8.1 or higher. The app manifest should not contain settings that override this default. These can be the android:usesCleartextTraffic setting for the application or cleartextTrafficPermitted in the network security configuration. When clear text traffic is disabled, the application and other components it uses (e.g., the media player) will refuse to use clear text traffic. Clear text traffic can easily be eavesdropped and manipulated by attackers.
   Note that even if the application fails this test, it does not necessarily mean that the application will send or receive clear text traffic.

2.4 M4 Insecure Authentication

The following tests are made by running the application on a phone and observing its behaviour.

a) T4.1 Authentication required before accessing sensitive information:
   The app should request a password, a PIN code, or a fingerprint before giving access to sensitive information or functionality (e.g., balances and payments).
   This can be tested by using the application on the phone.
   The impact of not authenticating the user every time is that if the phone is stolen or lent while unlocked, an attacker could access sensitive data or functionality.

b) T4.2 The application should have an inactivity timeout:
   This can be tested by leaving the application open for a while and observing whether it locks itself automatically.
   If there is no timeout, or if it is too long, the risk is that if the phone is stolen or lent while unlocked, an attacker could access sensitive data or functionality.

c) T4.3 If a fingerprint is added, authentication with fingerprints should be disabled:
   When a new fingerprint is registered on the phone, the app should disable authentication by fingerprint until the user has provided the PIN or password for the application.
   The risk is that an attacker could succeed in registering his own fingerprint on the phone and then access the apps that are protected by fingerprints.

d) T4.4 It should not be possible to replay intercepted requests:
   Replaying a request (e.g., a money transfer) that was captured by a man-in-the-middle proxy should not result in the same request being executed twice.
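The manifest and network security configuration parts of the T3.3 and T3.4 checks can be done statically before the phone-based tests. The following Python script is an added example written for this page, not a tool from the FIGI audit: it parses an AndroidManifest.xml and a network_security_config.xml, reports any explicit opt-in to clear text traffic, and reports API domains that declare no pin-set. The two XML samples are constructed for the example and the pin values are placeholders. Only explicit attributes are judged, since an omitted cleartextTrafficPermitted inherits from base-config or the platform default, which a static check cannot resolve.

```python
"""Static check for T3.3 / T3.4: flag manifest or network security config
settings that re-enable clear text traffic, and API domains with no pin-set.
Added example for this page, not a tool from the audit. The two XML samples
below are constructed, and the pin values are placeholders."""
import xml.etree.ElementTree as ET

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"

# Constructed sample manifest that overrides the Android 8.1+ default.
MANIFEST_XML = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.dfswallet">
  <application android:usesCleartextTraffic="true"
      android:networkSecurityConfig="@xml/network_security_config" />
</manifest>"""

# Constructed sample network security config: the base config is clean, one
# domain re-enables clear text, one is pinned, one has no pin-set at all.
NSC_XML = """<network-security-config>
  <base-config cleartextTrafficPermitted="false" />
  <domain-config cleartextTrafficPermitted="true">
    <domain includeSubdomains="true">legacy.example.com</domain>
  </domain-config>
  <domain-config>
    <domain includeSubdomains="true">api.example.com</domain>
    <pin-set expiration="2030-01-01">
      <pin digest="SHA-256">PLACEHOLDER_PIN_1_BASE64_SHA256_OF_SPKI=</pin>
      <pin digest="SHA-256">PLACEHOLDER_BACKUP_PIN_BASE64_SHA256=</pin>
    </pin-set>
  </domain-config>
  <domain-config>
    <domain>unpinned.example.com</domain>
  </domain-config>
</network-security-config>"""


def _is_true(value):
    return value is not None and value.strip().lower() == "true"


def audit_manifest(manifest_xml: str) -> list:
    """T3.4 on the manifest: report an explicit opt-in to clear text traffic."""
    findings = []
    app = ET.fromstring(manifest_xml).find("application")
    if app is None:
        return ["manifest: no <application> element"]
    if _is_true(app.get(ANDROID_NS + "usesCleartextTraffic")):
        findings.append('T3.4: android:usesCleartextTraffic="true" overrides the Android 8.1+ default')
    if app.get(ANDROID_NS + "networkSecurityConfig") is None:
        findings.append("T3.3: no android:networkSecurityConfig, so no pin-set is declared")
    return findings


def audit_network_security_config(nsc_xml: str) -> list:
    """T3.3 and T3.4 on the network security config. Only explicit attributes
    are judged: an omitted cleartextTrafficPermitted inherits from base-config
    or the platform default, which this static check cannot resolve."""
    findings = []
    root = ET.fromstring(nsc_xml)
    base = root.find("base-config")
    if base is not None and _is_true(base.get("cleartextTrafficPermitted")):
        findings.append("T3.4: base-config permits clear text traffic for every domain")
    for cfg in root.iter("domain-config"):  # iter() also visits nested configs
        domains = [d.text.strip() for d in cfg.findall("domain") if d.text]
        label = ", ".join(domains) or "<no domain>"
        if _is_true(cfg.get("cleartextTrafficPermitted")):
            findings.append(f"T3.4: clear text permitted for {label}")
        pins = cfg.findall("pin-set/pin")
        if not pins:
            findings.append(f"T3.3: no pin-set for {label}")
        elif len(pins) < 2:
            findings.append(f"T3.3: single pin for {label}; a backup pin is recommended for rotation")
    if root.find("debug-overrides") is not None:
        findings.append("note: debug-overrides present; confirm it does not ship in release builds")
    return findings


def run_audit(manifest_xml: str = MANIFEST_XML, nsc_xml: str = NSC_XML) -> list:
    """Combine both checks; returns the list of findings (empty means clean)."""
    return audit_manifest(manifest_xml) + audit_network_security_config(nsc_xml)


if __name__ == "__main__":
    for finding in run_audit():
        print(finding)
```

Point run_audit at the decoded manifest and the res/xml configuration from the APK under test. A clean result here only covers the declared configuration; the runtime observation in T3.2, T3.3 and T3.4 is still needed, because the text above notes that a failing manifest does not by itself prove clear text traffic is sent, and the converse also holds for libraries that bring their own TLS stack.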
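The T4.4 replay check is ultimately enforced on the server: each request carries a fresh nonce and a timestamp under a MAC, and the server executes a given nonce at most once within a freshness window, so a captured money transfer submitted again is rejected. The following Python is an added example written for this page, not code from any audited app or from the FIGI project; the per-session key, the field names, the 300 second window and the sample transfer are all assumptions constructed for the example.

```python
"""Server-side replay protection for the T4.4 check: a transfer request is
executed at most once. Added example, not code from the audited apps; the
session key, field names and the 300 s window are assumptions."""
import hashlib
import hmac
import json
import secrets
import time
from typing import Optional

REPLAY_WINDOW_SECONDS = 300  # assumption: how stale a request may be


def canonical(payload: dict) -> bytes:
    # Deterministic serialisation so client and server MAC identical bytes.
    return json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()


def sign_request(session_key: bytes, body: dict, now: Optional[float] = None) -> dict:
    """Client side: attach a fresh nonce and a timestamp, then MAC the whole envelope."""
    envelope = {
        "body": body,
        "nonce": secrets.token_hex(16),
        "ts": int(now if now is not None else time.time()),
    }
    envelope["mac"] = hmac.new(session_key, canonical(envelope), hashlib.sha256).hexdigest()
    return envelope


class TransferService:
    """Server side: verifies the MAC, the freshness window and nonce uniqueness."""

    def __init__(self, session_key: bytes):
        self.session_key = session_key
        self.seen_nonces = {}   # nonce -> ts; entries older than the window are pruned
        self.executed = []      # bodies that were actually executed

    def _prune(self, now: int) -> None:
        # A nonce older than the window can be dropped: the timestamp check
        # rejects any request that old before the nonce is ever consulted.
        cutoff = now - REPLAY_WINDOW_SECONDS
        self.seen_nonces = {n: ts for n, ts in self.seen_nonces.items() if ts >= cutoff}

    def handle(self, envelope: dict, now: Optional[float] = None) -> str:
        now = int(now if now is not None else time.time())
        received = dict(envelope)          # shallow copy; caller's dict is untouched
        mac = received.pop("mac", None)
        if mac is None:
            return "rejected: missing mac"
        expected = hmac.new(self.session_key, canonical(received), hashlib.sha256).hexdigest()
        # Constant-time compare so the MAC check itself does not leak timing.
        if not hmac.compare_digest(mac, expected):
            return "rejected: bad mac"
        if abs(now - received["ts"]) > REPLAY_WINDOW_SECONDS:
            return "rejected: stale timestamp"
        self._prune(now)
        if received["nonce"] in self.seen_nonces:
            return "rejected: replay"
        self.seen_nonces[received["nonce"]] = received["ts"]
        self.executed.append(received["body"])
        return "executed"


if __name__ == "__main__":
    key = secrets.token_bytes(32)                 # assumption: per-session key
    service = TransferService(key)
    transfer = sign_request(key, {"to": "acct-42", "amount": 100})
    print(service.handle(transfer))               # executed
    print(service.handle(transfer))               # rejected: replay
```

The MAC binds the nonce and timestamp to the body, so an intercepted request cannot be re-issued with a new nonce or a changed amount without the session key. In production the nonce store must be shared by every server instance behind the load balancer (for example a database table with a unique constraint on the nonce), since an in-memory dict only protects a single process.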


