Chapter 9

Securing Application Code

Any sufficiently advanced technology is undistinguishable from magic.

—Arthur C. Clarke

While designing secure POS and payment applications, developers first think about sensitive data protection. However, they often forget about the fact that the data protection mechanisms by themselves should be protected as well. Insecure application code and configuration open the back doors for hackers.

Code Signing

Code signing is the mechanism that protects software applications from tampering during all stages of the application life cycle, including initial deployment, runtime, and updates. Digital signatures are calculated by the software vendor for each binary file in the application package as the final part of the build and release process. The signature can then be verified by end users to ensure that the code was not modified since it was built by the vendor. In addition, code signing allows recognition of counterfeited binaries that pretend to be legitimate parts of the application, since such files wouldn't have a digital signature at all or their signature would be fake.

Code signing has been used with software distributed through the Internet for a long time. However, the importance of digital signing is often underestimated for “regular” desktop and server software, such as POS and payment applications. Many security breaches could be prevented if merchants had the ability to verify the authenticity of all the code files that are present on ...