Your SlideShare is downloading. ×
0
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Exploiting vulnerabilities in location based commerce
Upcoming SlideShare
Loading in...5
×

Thanks for flagging this SlideShare!

Oops! An error has occurred.

×
Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

Exploiting vulnerabilities in location based commerce

1,097

Published on

This ppt discusses in detail about how to Exploit Vulnerabilities in #MobileApplications which are using user Location to filter data or to provide location specific content and Commercial Offers. The …

This ppt discusses in detail about how to Exploit Vulnerabilities in #MobileApplications which are using user Location to filter data or to provide location specific content and Commercial Offers. The session showcased live examples by exploiting vulnerabilities in some famous applications used by mobile users worldwide. The last part of session includes prospective solutions to secure application from these vulnerabilities.

Published in: Technology, Business
0 Comments
0 Likes
Statistics
Notes
  • Be the first to comment

  • Be the first to like this

No Downloads
Views
Total Views
1,097
On Slideshare
0
From Embeds
0
Number of Embeds
4
Actions
Shares
0
Downloads
4
Comments
0
Likes
0
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
No notes for slide

Transcript

  • 1. Location Based Services → Exploiting Vulnerabilities        
  • 2. + SOFTWARE DEVELOPMENT DONE RIGHT Netherlands | USA | India | France | UK www.xebia.in; Blog :http://.xebee.xebia.in
  • 3. What are Location Based Services ? → A service that depends on the network knowing your location   LBS allow consumers to receive services and advertising based on their geographic location.
  • 4. Location Based Services   Location Based Services Can be basically divided into 4 Broad Categories1. Location Based Search Information 2. Location Based Commerce 3. Navigation Services 4. Tracking Applications
  • 5. Location Based Information
  • 6. Location Based Commerce
  • 7.     Location Based Navigation        
  • 8.     Location Based Tracking        
  • 9. Loca&on  and  Constella&ons    
  • 10. Loca&on  and  Constella&ons    
  • 11. A  New  Man  Made  Constella&on  
  • 12. Loca&on  Acquisi&on  Methods   1.GPS 2.Assisted GPS 3.Cell Towers 4.Cell-ID
  • 13. Loca&on  Accuracy  and  Usage                        Precise  Loca+on  Acquisi+on   GPS (Global Positioning System) •  24 satellites in orbit. Typically 5 to 8 are visible from any one place •  Distance calculated by time it takes for signal to travel from satellite to receiver. Calculating the time it takes from 4 satellites provides an accurate fix.
  • 14. Loca&on  Accuracy  and  Usage                        Precise  Loca+on  Acquisi+on   Assisted -GPS •  GPS has a slow time to fix unless it is permanently tracking satellites •  Assisted GPS is based upon providing GPS satellite information to the handset, via the cellular network •  Assisted GPS gives improvements in Time to First Fix
  • 15. NO  Loca+on  Verifica+on   •  99 % of Applications Providing Location Based Services lack Location Verification Mechanism.          This  Leaves  all  these  Applica+ons            Vulnerable  to  Loca+on  Spoofing  A=acks  
  • 16. Loca+on  Spoofing                        Injec+ng  Fake  Loca+ons  
  • 17. Loca+on  Spoofers  
  • 18. Results  of  Loca+on  Spoofing   •  Commercial   applica+ons  can   be  fooled  by   Checking  in  with   spoofed   Loca+ons.     •  Rewards,  Offers,   Deals  on  Specific   Loca+ons  Can  be   Availed  ☺  
  • 19. Results  of  Loca+on  Spoofing   •  Tracking  Applica+ons   can  be  fooled  by  fixing  a   fake  loca+on  or   Randomly  changing     Loca+on.     •  Incase  of  Con+nuous     Fleet  tracking,  Pre-­‐ Designed  Routes  can  be   Simulated  to  spoof   con+nuous  Loca+on  
  • 20. Solu+ons  to  Loca+on  Spoofing    Client  side  valida+ons       •  Hourly  loca+on   •  Cell  towers  triangula+on   Server  side  Valida+ons   •  •  •  •  •  •  •  Date  of  Registra+on   RapidFire  Check-­‐ins   Previous  Check-­‐ins,  History     Distance  Algorithims   Traffic  updates.   Speed  and  stops   Loca+ons  in  other  Applica+ons  
  • 21. Spoofing  GPS  Constella+on  
  • 22. Spoofing  GPS  Constella+on   GPS Signal Simulators / Signal Spoofer
  • 23. Spoofing  GPS  Constella+on   Possible Solutions ????????????
  • 24. Spoofing  GPS  Constella+on   Happy Spoofing :) Thank You ! Thank You
  • 25. Agile Testing Current Competencies Mobile Testing: Appium, Calabash Performance Testing Tools: JMeter, LoadUI Automation Frameworks in place -  Selenium/Webdriver keyword driven -  SoapUI ATDD Tools: Cucumber, Fitnesse, JBehave, Geb Language Proficiencies: Java, Ruby, Groovy, Python Functional automation Tools: Selenium/Webdriver, AUTO IT, SoapUI, QTP Knowledge Sharing: Speakers in national and international conferences
  • 26. Contact us @ Websites www.xebia.in www.xebia.com www.xebia.fr Xebia India infoindia@xebia.com Thought Leadership Htto://xebee.xebia.in http://blog.xebia.com http://podcast.xebia.com

×