ITSPmagazine Podcasts

From Fraud to Fixes: Designing Usable Security for Financial Applications | An OWASP AppSec Global 2025 Conversation with Wojciech Dworakowski | On Location Coverage with Sean Martin and Marco Ciappelli



In this On Location episode during OWASP AppSec Global 2025 in Barcelona, Sean Martin connects with event speaker, Wojciech Dworakowski, to unpack a critical and underexamined issue in today’s financial systems: the vulnerability of mobile-only banking apps when it comes to transaction authorization.

Wojciech points out that modern banking has embraced the mobile-first model—sometimes at the cost of fundamental security principles. Most banks now concentrate transaction initiation, security configuration, and transaction authorization into a single device: the user’s smartphone. While this offers unmatched convenience, it also creates a single point of failure. If an attacker successfully pairs their phone with a victim’s account, they can bypass multiple layers of security, often without needing traditional credentials.

The discussion explores the limitations of relying solely on biometric options like Face ID or Touch ID. These conveniences may appear secure but often weaken the overall security posture when used without additional independent verification mechanisms. Wojciech outlines how common attack strategies have shifted from stealing credit card numbers to full account takeover—enabled by social engineering and weak device-pairing controls.

He proposes a “raise the bar” strategy rather than relying on a single silver-bullet solution. Suggestions include enhanced device fingerprinting, detection of emulators or rooted environments, and shared interbank databases for device reputation and account pairing anomalies. While some of these are already in motion under new EU and UK regulations, they remain fragmented.

Wojciech also introduces a bold idea: giving users a slider in the app to adjust their personal balance of convenience vs. security. This kind of usability-driven approach could empower users while still offering layered defense.

For CISOs, developers, and FinTech leaders, the message is clear—evaluate your app security as if attackers already know the shortcuts. Watch the full conversation to hear Wojciech’s real-world examples, including a cautionary tale from his own family. Catch the episode and learn how to design financial security that’s not just strong—but usable.

GUEST: Wojciech Dworakowski | OWASP Poland Chapter Board Member and Managing Partner at SecuRing | https://www.linkedin.com/in/wojciechdworakowski/

HOST: Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.com

SPONSORS

Manicode Security: https://itspm.ag/manicode-security-7q8i

RESOURCES

Learn more and catch more stories from OWASP AppSec Global 2025 Barcelona coverage: https://www.itspmagazine.com/owasp-global-appsec-barcelona-2025-application-security-event-coverage-in-catalunya-spain

Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

Want to tell your Brand Story Briefing as part of our event coverage? Learn More 👉 https://itspm.ag/evtcovbrf

Want Sean and Marco to be part of your event or conference? Let Us Know 👉 https://www.itspmagazine.com/contact-us


ITSPmagazine Podcasts, by ITSPmagazine, Sean Martin, Marco Ciappelli
