Security & Trust

Financial Security

FinTech (contraction for financial technology) is a label that applies to all the financial services provided using digital technologies, it ranges from mobile payments to insurance, from crowd-funding to cryptocurrencies. Due to the highly sensitive nature of the FinTech transactions, it is mandatory to provide solutions and abide by standards that can keep the entire ecosystem secure.

Our focus:

  • Security and risk assessment of strong customer authentication solutions
  • Compliance with fintech regulations (e.g., PSD2 and PCI-DSS)
  • Know your customer (KYC)
  • Cyber threat intelligence

Related Publications

  • Salvatore Manfredi, Silvio Ranise, Giada Sciarretta, Alessandro Tomasi
    TLSAssistant goes FINSEC: A Security Platform Integration Extending Threat Intelligence Language
    In: 1st International Workshop on Cyber-Physical Security for Critical Infrastructures Protection (CPS4CIP 2020)
  • Andrea Bisegna, Roberto Carbone, Mariano Ceccato, Salvatore Manfredi, Silvio Ranise, Giada Sciarretta, Alessandro Tomasi, Emanuele Viglianisi
    Automated Assistance to the Security Assessment of API for Financial Services in book Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures
    In: Cyber-Physical Threat Intelligence for Critical Infrastructures Security: A Guide to Integrated Cyber-Physical Protection of Modern Critical Infrastructures (DOI)
  • Federico Sinigaglia, Roberto Carbone, Gabriele Costa, Nicola Zannone
    A Survey on Multi-Factor Authentication for Online Banking in the Wild
    In: Computers & Security Journal (COSE) (DOI, complementary material, news)
  • Salvatore Manfredi, Silvio Ranise, Giada Sciarretta
    TLSAssistant: uno strumento per mitigare i problemi di sicurezza di TLS
    In: ICT Security Magazine (URL, news)
  • Federico Sinigaglia, Roberto Carbone, Gabriele Costa, Silvio Ranise
    MuFASA: A Tool for High-level Specification and Analysis of Multi-factor Authentication Protocols
    In: Emerging Technologies for Authorization and Authentication (ETAA 2019) (DOI, complementary material, news)

Related Theses

  • Alessandro Pegoraro (Bachelor's Thesis, University of Trento, 2021)
    Payment Services Directive 2 in the Wild - A comparison between Open Banking UK and NextGenPSD2
    Supervisor: Silvio Ranise | Co-supervisors: Giada Sciarretta, Salvatore Manfredi
  • Alessio Valenza (Bachelor's Thesis, University of Trento, 2020)
    Autenticazione bancaria post-PSD2: siamo al sicuro? Analisi automatica del rischio di protocolli di autenticazione
    Supervisor: Silvio Ranise | Co-supervisors: Giada Sciarretta, Marco Pernpruner