Security
Todo
OWASP
Security Requirements by banking providers?
Audits needed? Ex: Unit Ensure security policies, XSS prevention, disable Iframe Embedding,
Referrer policy
IP Blocking - some regulation require US only, checking for VPN, fraud detection
Fraud Handling - closing accounts, suspending accounts, refunds, freezing assets
Dependency auditing - Snyk Have external security audit
Make sure you are following regulations and compartmentalization for Prod data, even logging HTTPs, HTTP redirect
Last updated