Page 19 - FIGI: Security audit of various DFS applications
P. 19
Figure 4 – Radar graph of the test results (the radial axis indicates the percentage of tested best practices that
were found to be implemented)
4�3 Summary of results b) App3 does not apply an extra encryption of the
We conclude this report by summarizing the results data exchanged over HTTPS.
of the tests in Figure 4. No critical vulnerability was
detected during the tests. Nevertheless, two findings Testing of additional applications would yield a larg-
were found. er base to compare with and would also allow to
fine-tune the tests.
a) No PIN is required to access a Personal Unlock
Key (PUK) in App2
Security audit of various DFS applications 17