Re: The futile war between Native and Web

On Mon, Feb 16, 2015 at 3:17 AM, Florian Bösch <pyalot@gmail.com> wrote:
> On Mon, Feb 16, 2015 at 9:08 AM, Jeffrey Walton <noloader@gmail.com> wrote:
>>
>> I'd hardly consider an account holder's data as high value. Medium at
>> best and likely low value. But that's just me.
>
> Of course if the data is compromised it means that an attacker can also
> remote-control your e-banking interface, and issue payments and so forth.
> I'm sure that's not "high value" either?

No, that's definitely not high value from my experience with three US
financial firms. In US financial, those losses are simply passed on to
share holders. Risk is democratized, reward is privatized.

Perhaps you should talk to other security architects with experience
in financial and see what they have to say.

Jeff

Received on Monday, 16 February 2015 08:30:00 UTC