What is the best practice to secure cost REST call?

Asked Oct 23 '17 at 12:57

Active Oct 23 '17 at 13:15

Viewed 36 times

For getting authenticated as a new user over my app, there is a need to make a call to REST function from the mobile app to send SMS or a voice call to the desired device to get a PIN code, this flow costs us money.

The problem is, that we found a lot of false requests by some several hackers over the world.

My question is what is the best practice to solve such security issue ?

Is creating public key and private key enough? or maybe encryption of the body can either solve this issue?

edited Oct 23 '17 at 13:15

asked Oct 23 '17 at 12:57

roeygol

4,908
9
51
88

No, any measures to keep the hackers out are meaningless, as long as you want to keep the legitimate users in. Whatever encryption you add, hackers see and can use it. – Sergio Tulentsev Oct 23 '17 at 13:00
@SergioTulentsev what about public and private keys ? – roeygol Oct 23 '17 at 13:19
Doesn't matter. Public keys are called that for a reason, everybody can see them. – Sergio Tulentsev Oct 23 '17 at 13:21
@SergioTulentsev is Keycloak can solve such problem ? – roeygol Oct 24 '17 at 08:08

What is the best practice to secure cost REST call?

0 Answers0