Case Study 13

Online Banking Gets a Security Boost from SunBlock Systems

The Client

A major financial institution

The Scenario

A large financial institution planned to launch a Web application that would allow credit card holders to manage their accounts online.

The Investigation

SunBlock Systems personnel conducted a comprehensive security assessment of the target application. The assessment uncovered several important security issues, including the ability of users to obtain other users' credit card information. After entering a valid credit card number, an attacker could access another user's account by sending specially crafted Web requests to the application.

As a result, the client made several modifications to the application code, including changing the way a user can submit requests to the server and preventing the release of potentially compromising data to an attacker.

The Benefits

SunBlock's assessment and solutions helped the client avoid exposing its customers to potentially massive credit card fraud. In addition, the client was able to develop better coding practices and improve security on all of its future Internet applications.

home | services | products |about us | case studies | careers | contact us

©2002-2010, SunBlock Systems, Inc. All rights reserved.