Nikita Stupin

Information Security Analyst, Mail.Ru Group

About speaker

• Information Security Analyst, Mail.Ru Group • Bug Bounty Hunter: Airbnb, Semrush, Yandex • Dean of the Information Security faculty at GeekBrains • Degree in Information Security from Bauman Moscow State University
November 15
16:00 — 17:00
Main Track
Mobile applications are increasingly implementing the OAuth 2.0 protocol. Despite this, vulnerabilities in mobile OAuth 2.0 implementations are still found even in the products of large companies.

This report will look at vulnerabilities specific to mobile OAuth 2.0. It will also show the most common and critical vulnerabilities of the usual OAuth 2.0, protection mechanisms and common mistakes of developers.