sunhux
asked on
What to look for in Fraud Protection Solutions PoC
I'm reviewing an F5's BIG-IP 5250v solution or Fraud Protection PoC.
What do I need to look out for & the success criteria of the PoC ?
By "Fraud", does it refer to keylogger, information theft etc?
I'm quite a layman in this area, so any ideas or tools to test the PoC
for web & mobile is much appreciated. Something I got so far :
Test Cases -Cloud Demo/POC
•Application Layer Encryption Tests
•Application Layer Encryption configuration on Login page
•Application Layer Encryption masking on Login page
•Application Layer Encryption fools Browser-based Key-logger
•Protected Parameters, defined as Encrypted & Substituted Value (masked)
•Username and Password HTML Field Obfuscation & Decoy
•Automatic Transaction Detection Tests
•Automatic Transaction Detection on Transaction page
•Data Integrity Checks on Transaction page
Malware Detection Tests:
•Malicious Script Detection on Login page
•Additional Input Element added to Form Detection on Login page
•Malicious AJAX Call Detection on Login page
•Trojan Detection on Login page
•Advanced Phishing Detection Tests
•Copy Page Detection on Login page
•Phishing User Detection on Login page
•Copy Page Detection on Login page –Remove inline code
What do I need to look out for & the success criteria of the PoC ?
By "Fraud", does it refer to keylogger, information theft etc?
I'm quite a layman in this area, so any ideas or tools to test the PoC
for web & mobile is much appreciated. Something I got so far :
Test Cases -Cloud Demo/POC
•Application Layer Encryption Tests
•Application Layer Encryption configuration on Login page
•Application Layer Encryption masking on Login page
•Application Layer Encryption fools Browser-based Key-logger
•Protected Parameters, defined as Encrypted & Substituted Value (masked)
•Username and Password HTML Field Obfuscation & Decoy
•Automatic Transaction Detection Tests
•Automatic Transaction Detection on Transaction page
•Data Integrity Checks on Transaction page
Malware Detection Tests:
•Malicious Script Detection on Login page
•Additional Input Element added to Form Detection on Login page
•Malicious AJAX Call Detection on Login page
•Trojan Detection on Login page
•Advanced Phishing Detection Tests
•Copy Page Detection on Login page
•Phishing User Detection on Login page
•Copy Page Detection on Login page –Remove inline code
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.