如何保护我的Windows Phone 8.1的应用程序？ [英] How to secure my windows phone 8.1 application?

问题描述

我使用C＃和XAML技术是一个Windows Phone的开发者。结果
目前，我创造了我的客户银行应用程序，它的目标是为Windows手机8.1版本的操作系统。

I am a windows phone developer using c# and xaml technologies.
Currently I am creating a banking application for my client and it is targeting for Windows phone 8.1 OS version.

和我使用的Windows Phone XAML应用程序模板来创建它。

And I am using Windows Phone xaml app template for creating it.

由于这是一个银行应用程序，我需要得到它的最大保护。当我把我的APPX文件到银行的技术团队，他们作出了关于应用程序的安全问题。他们送我我还写了通过反向工程的过程中我的应用程序代码。

Since It is a banking application I need to get it maximum secured. As I send my Appx file to the bank technical team , They have made concern about the app security. And they had sent me the codes I have wrote for my application by the process of reverse engineering.

我需要做什么打击？以及以何种方式，我们才能避免这种类型的漏洞？请给我建议，以避免这种情况最好的方法。

What I need to do against ? And in what way we can avoid this type of vulnerabilities? Please suggest me best way to avoid this.

感谢

推荐答案

银行应用程序的安全性不应该依赖于客户端代码被秘密。你不应该在客户端存储任何秘密，因为它是不可能的，让他们从攻击者。

The security of the banking application should not depend on the client code being secret. You should not store any secrets on the client as it is impossible to keep them from an attacker.

使用加密通信（HTTPS）交谈的服务器。验证使用的证书，认证用户，并在服务器的问题访问令牌在有限的生存时间。这些都是行业最佳实践。不要试图去创造你自己的安全措施。

Use encrypted communications (https) to talk to the server. Validate the used certificates, authenticate the user and have the server issue an access token with a limited time to live. These are all industry best practices. Don't try to invent your own security measures.

这篇关于如何保护我的Windows Phone 8.1的应用程序？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！