{"id":"https://openalex.org/W4385679575","doi":"https://doi.org/10.1145/3588001.3609367","title":"Evaluating Mobile Banking Application Security Posture Using the OWASP\u2019s MASVS Framework","display_name":"Evaluating Mobile Banking Application Security Posture Using the OWASP\u2019s MASVS Framework","publication_year":2023,"publication_date":"2023-08-08","ids":{"openalex":"https://openalex.org/W4385679575","doi":"https://doi.org/10.1145/3588001.3609367"},"language":"en","primary_location":{"id":"doi:10.1145/3588001.3609367","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3588001.3609367","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3588001.3609367","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 6th ACM SIGCAS/SIGCHI Conference on Computing and Sustainable Societies","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":true,"oa_status":"gold","oa_url":"https://dl.acm.org/doi/pdf/10.1145/3588001.3609367","any_repository_has_fulltext":null},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5092616432","display_name":"Trevor Henry Chiboora","orcid":"https://orcid.org/0009-0009-4066-5481"},"institutions":[{"id":"https://openalex.org/I4210130200","display_name":"Carnegie Mellon University Africa","ror":"https://ror.org/02f33m021","country_code":"RW","type":"education","lineage":["https://openalex.org/I4210130200","https://openalex.org/I74973139"]}],"countries":["RW"],"is_corresponding":false,"raw_author_name":"Trevor Henry Chiboora","raw_affiliation_strings":["CyLab-Africa/Upanzi Network, Carnegie Mellon University Africa, Rwanda"],"raw_orcid":"https://orcid.org/0009-0009-4066-5481","affiliations":[{"raw_affiliation_string":"CyLab-Africa/Upanzi Network, Carnegie Mellon University Africa, Rwanda","institution_ids":["https://openalex.org/I4210130200"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5092616433","display_name":"Lenah Chacha","orcid":"https://orcid.org/0009-0009-3480-5468"},"institutions":[{"id":"https://openalex.org/I4210130200","display_name":"Carnegie Mellon University Africa","ror":"https://ror.org/02f33m021","country_code":"RW","type":"education","lineage":["https://openalex.org/I4210130200","https://openalex.org/I74973139"]}],"countries":["RW"],"is_corresponding":false,"raw_author_name":"Lenah Chacha","raw_affiliation_strings":["CyLab-Africa/Upanzi Network, Carnegie Mellon University Africa, Rwanda"],"raw_orcid":"https://orcid.org/0009-0009-3480-5468","affiliations":[{"raw_affiliation_string":"CyLab-Africa/Upanzi Network, Carnegie Mellon University Africa, Rwanda","institution_ids":["https://openalex.org/I4210130200"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5092616434","display_name":"Theoneste Byagutangaza","orcid":"https://orcid.org/0009-0002-4410-8454"},"institutions":[{"id":"https://openalex.org/I4210130200","display_name":"Carnegie Mellon University Africa","ror":"https://ror.org/02f33m021","country_code":"RW","type":"education","lineage":["https://openalex.org/I4210130200","https://openalex.org/I74973139"]}],"countries":["RW"],"is_corresponding":false,"raw_author_name":"Theoneste Byagutangaza","raw_affiliation_strings":["CyLab-Africa/Upanzi Network, Carnegie Mellon University Africa, Rwanda"],"raw_orcid":"https://orcid.org/0009-0002-4410-8454","affiliations":[{"raw_affiliation_string":"CyLab-Africa/Upanzi Network, Carnegie Mellon University Africa, Rwanda","institution_ids":["https://openalex.org/I4210130200"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5016748726","display_name":"Assane Gueye","orcid":null},"institutions":[{"id":"https://openalex.org/I4210130200","display_name":"Carnegie Mellon University Africa","ror":"https://ror.org/02f33m021","country_code":"RW","type":"education","lineage":["https://openalex.org/I4210130200","https://openalex.org/I74973139"]}],"countries":["RW"],"is_corresponding":false,"raw_author_name":"Assane Gueye","raw_affiliation_strings":["CyLab-Africa/Upanzi Network, Carnegie Mellon University Africa, Rwanda"],"raw_orcid":"https://orcid.org/0000-0001-6469-4716","affiliations":[{"raw_affiliation_string":"CyLab-Africa/Upanzi Network, Carnegie Mellon University Africa, Rwanda","institution_ids":["https://openalex.org/I4210130200"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":1,"corresponding_author_ids":[],"corresponding_institution_ids":["https://openalex.org/I4210130200"],"apc_list":null,"apc_paid":null,"fwci":4.2728,"has_fulltext":true,"cited_by_count":10,"citation_normalized_percentile":{"value":0.94762672,"is_in_top_1_percent":false,"is_in_top_10_percent":true},"cited_by_percentile_year":{"min":97,"max":98},"biblio":{"volume":null,"issue":null,"first_page":"99","last_page":"106"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9710000157356262,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T10734","display_name":"Information and Cyber Security","score":0.9710000157356262,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9465000033378601,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T12799","display_name":"Mobile and Web Applications","score":0.9345999956130981,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.6836938261985779},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6492103338241577},{"id":"https://openalex.org/keywords/security-testing","display_name":"Security testing","score":0.5950769186019897},{"id":"https://openalex.org/keywords/software-security-assurance","display_name":"Software security assurance","score":0.5415785908699036},{"id":"https://openalex.org/keywords/secure-coding","display_name":"Secure coding","score":0.5357896685600281},{"id":"https://openalex.org/keywords/security-bug","display_name":"Security bug","score":0.4942183792591095},{"id":"https://openalex.org/keywords/application-security","display_name":"Application security","score":0.47246336936950684},{"id":"https://openalex.org/keywords/financial-institution","display_name":"Financial institution","score":0.46558868885040283},{"id":"https://openalex.org/keywords/mobile-device","display_name":"Mobile device","score":0.45638683438301086},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.45111870765686035},{"id":"https://openalex.org/keywords/hacker","display_name":"Hacker","score":0.43001413345336914},{"id":"https://openalex.org/keywords/security-information-and-event-management","display_name":"Security information and event management","score":0.42688286304473877},{"id":"https://openalex.org/keywords/exploit","display_name":"Exploit","score":0.425345778465271},{"id":"https://openalex.org/keywords/computer-security-model","display_name":"Computer security model","score":0.41832417249679565},{"id":"https://openalex.org/keywords/information-security-audit","display_name":"Information security audit","score":0.41728726029396057},{"id":"https://openalex.org/keywords/security-through-obscurity","display_name":"Security through obscurity","score":0.41191041469573975},{"id":"https://openalex.org/keywords/security-service","display_name":"Security service","score":0.40036740899086},{"id":"https://openalex.org/keywords/cloud-computing-security","display_name":"Cloud computing security","score":0.37036240100860596},{"id":"https://openalex.org/keywords/information-security","display_name":"Information security","score":0.31707364320755005},{"id":"https://openalex.org/keywords/business","display_name":"Business","score":0.1961788833141327},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.19234371185302734},{"id":"https://openalex.org/keywords/finance","display_name":"Finance","score":0.1750723123550415},{"id":"https://openalex.org/keywords/network-security-policy","display_name":"Network security policy","score":0.16607290506362915},{"id":"https://openalex.org/keywords/web-service","display_name":"Web service","score":0.14208292961120605},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.10024487972259521},{"id":"https://openalex.org/keywords/cloud-computing","display_name":"Cloud computing","score":0.10000795125961304},{"id":"https://openalex.org/keywords/operating-system","display_name":"Operating system","score":0.09177881479263306}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.6836938261985779},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6492103338241577},{"id":"https://openalex.org/C195518309","wikidata":"https://www.wikidata.org/wiki/Q13424265","display_name":"Security testing","level":5,"score":0.5950769186019897},{"id":"https://openalex.org/C62913178","wikidata":"https://www.wikidata.org/wiki/Q7554361","display_name":"Software security assurance","level":4,"score":0.5415785908699036},{"id":"https://openalex.org/C22680326","wikidata":"https://www.wikidata.org/wiki/Q7444867","display_name":"Secure coding","level":5,"score":0.5357896685600281},{"id":"https://openalex.org/C131275738","wikidata":"https://www.wikidata.org/wiki/Q7445023","display_name":"Security bug","level":5,"score":0.4942183792591095},{"id":"https://openalex.org/C77109596","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Application security","level":5,"score":0.47246336936950684},{"id":"https://openalex.org/C2779601481","wikidata":"https://www.wikidata.org/wiki/Q650241","display_name":"Financial institution","level":2,"score":0.46558868885040283},{"id":"https://openalex.org/C186967261","wikidata":"https://www.wikidata.org/wiki/Q5082128","display_name":"Mobile device","level":2,"score":0.45638683438301086},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.45111870765686035},{"id":"https://openalex.org/C86844869","wikidata":"https://www.wikidata.org/wiki/Q2798820","display_name":"Hacker","level":2,"score":0.43001413345336914},{"id":"https://openalex.org/C103377522","wikidata":"https://www.wikidata.org/wiki/Q3493999","display_name":"Security information and event management","level":4,"score":0.42688286304473877},{"id":"https://openalex.org/C165696696","wikidata":"https://www.wikidata.org/wiki/Q11287","display_name":"Exploit","level":2,"score":0.425345778465271},{"id":"https://openalex.org/C121822524","wikidata":"https://www.wikidata.org/wiki/Q5157582","display_name":"Computer security model","level":2,"score":0.41832417249679565},{"id":"https://openalex.org/C39358052","wikidata":"https://www.wikidata.org/wiki/Q2578632","display_name":"Information security audit","level":5,"score":0.41728726029396057},{"id":"https://openalex.org/C114869243","wikidata":"https://www.wikidata.org/wiki/Q133735","display_name":"Security through obscurity","level":5,"score":0.41191041469573975},{"id":"https://openalex.org/C29983905","wikidata":"https://www.wikidata.org/wiki/Q7445066","display_name":"Security service","level":3,"score":0.40036740899086},{"id":"https://openalex.org/C184842701","wikidata":"https://www.wikidata.org/wiki/Q370563","display_name":"Cloud computing security","level":3,"score":0.37036240100860596},{"id":"https://openalex.org/C527648132","wikidata":"https://www.wikidata.org/wiki/Q189900","display_name":"Information security","level":2,"score":0.31707364320755005},{"id":"https://openalex.org/C144133560","wikidata":"https://www.wikidata.org/wiki/Q4830453","display_name":"Business","level":0,"score":0.1961788833141327},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.19234371185302734},{"id":"https://openalex.org/C10138342","wikidata":"https://www.wikidata.org/wiki/Q43015","display_name":"Finance","level":1,"score":0.1750723123550415},{"id":"https://openalex.org/C117110713","wikidata":"https://www.wikidata.org/wiki/Q3394676","display_name":"Network security policy","level":4,"score":0.16607290506362915},{"id":"https://openalex.org/C35578498","wikidata":"https://www.wikidata.org/wiki/Q193424","display_name":"Web service","level":2,"score":0.14208292961120605},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.10024487972259521},{"id":"https://openalex.org/C79974875","wikidata":"https://www.wikidata.org/wiki/Q483639","display_name":"Cloud computing","level":2,"score":0.10000795125961304},{"id":"https://openalex.org/C111919701","wikidata":"https://www.wikidata.org/wiki/Q9135","display_name":"Operating system","level":1,"score":0.09177881479263306}],"mesh":[],"locations_count":1,"locations":[{"id":"doi:10.1145/3588001.3609367","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3588001.3609367","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3588001.3609367","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 6th ACM SIGCAS/SIGCHI Conference on Computing and Sustainable Societies","raw_type":"proceedings-article"}],"best_oa_location":{"id":"doi:10.1145/3588001.3609367","is_oa":true,"landing_page_url":"https://doi.org/10.1145/3588001.3609367","pdf_url":"https://dl.acm.org/doi/pdf/10.1145/3588001.3609367","source":null,"license":"cc-by","license_id":"https://openalex.org/licenses/cc-by","version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 6th ACM SIGCAS/SIGCHI Conference on Computing and Sustainable Societies","raw_type":"proceedings-article"},"sustainable_development_goals":[],"awards":[],"funders":[],"has_content":{"grobid_xml":true,"pdf":true},"content_urls":{"pdf":"https://content.openalex.org/works/W4385679575.pdf","grobid_xml":"https://content.openalex.org/works/W4385679575.grobid-xml"},"referenced_works_count":0,"referenced_works":[],"related_works":["https://openalex.org/W2155353733","https://openalex.org/W125279808","https://openalex.org/W4240401768","https://openalex.org/W2146455667","https://openalex.org/W2018644264","https://openalex.org/W3015499098","https://openalex.org/W4385770215","https://openalex.org/W4313400739","https://openalex.org/W2796056969","https://openalex.org/W2126513753"],"abstract_inverted_index":{"In":[0],"the":[1,105,109,125,142,146,148,154,160,166,170,178,199,202,215,252],"context":[2],"of":[3,61,76,84,92,120,145,201,207,241,254],"financial":[4,16,25,39,70],"gain,":[5],"hackers":[6],"are":[7,244],"motivated":[8],"to":[9,27,31,49,67,87,141,153,185,222],"exploit":[10],"vulnerabilities":[11,235],"that":[12,187,210],"could":[13],"result":[14],"in":[15,72,236,247],"or":[17],"data":[18],"loss.":[19],"Therefore,":[20],"it":[21,197],"is":[22,117,183],"crucial":[23],"for":[24,136],"applications":[26,78,107],"undergo":[28],"thorough":[29],"testing":[30,43,149,206],"identify":[32],"and":[33,45,122,173,205],"address":[34],"such":[35],"vulnerabilities.":[36],"Regrettably,":[37],"many":[38],"institutions":[40,83],"neglect":[41,229],"proper":[42],"procedures":[44],"sometimes":[46],"even":[47],"fail":[48],"establish":[50],"a":[51,68,89,118,134,193,218,248],"suitable":[52],"security":[53,93,231],"release":[54],"baseline.":[55],"This":[56,116,163],"report":[57,189],"presents":[58],"an":[59],"analysis":[60],"18":[62],"mobile":[63,137,180,237],"applications,":[64],"each":[65],"belonging":[66],"different":[69,96],"institution":[71],"Africa.":[73],"The":[74,99,239],"selection":[75],"these":[77],"was":[79,101,151,220],"carefully":[80],"executed,":[81],"considering":[82],"varying":[85],"sizes,":[86],"enable":[88],"comparative":[90],"assessment":[91,100,200],"practices":[94],"across":[95],"organizational":[97],"scales.":[98],"conducted":[102,221],"by":[103,124,159],"evaluating":[104],"sampled":[106],"against":[108],"Mobile":[110],"Application":[111,128],"Security":[112,129],"Verification":[113],"Standard":[114],"v2.0.":[115],"set":[119],"checklists":[121],"guidelines":[123],"Open":[126],"Web":[127],"Project":[130],"(OWASP)":[131],"used":[132],"as":[133,157,196],"baseline":[135,230],"application":[138,155],"security.":[139],"Due":[140],"extensive":[143],"nature":[144],"project,":[147],"scope":[150],"limited":[152],"itself,":[156],"experienced":[158],"end":[161,253],"user.":[162],"included":[164,246],"examining":[165],"application\u2019s":[167],"interaction":[168],"with":[169],"back-end":[171],"server":[172],"observing":[174],"its":[175],"behavior":[176],"on":[177],"user\u2019s":[179],"device.":[181],"It":[182],"important":[184],"note":[186],"this":[188,242,255],"does":[190],"not":[191],"provide":[192],"comprehensive":[194],"analysis,":[195],"excludes":[198],"server-side":[203],"API":[204],"business":[208],"logic":[209],"requires":[211],"elevated":[212],"privileges":[213],"within":[214],"application.":[216],"Furthermore,":[217],"survey":[219,243],"gain":[223],"insights":[224],"into":[225],"why":[226],"developers":[227],"may":[228],"thereby":[232],"introducing":[233],"potential":[234],"applications.":[238],"findings":[240],"also":[245],"short":[249],"summary":[250],"at":[251],"document.":[256]},"counts_by_year":[{"year":2025,"cited_by_count":5},{"year":2024,"cited_by_count":5}],"updated_date":"2026-06-26T08:34:08.712188","created_date":"2025-10-10T00:00:00"}
