Source: https://owasp.org/www-pdf-archive//OWASP_Day_Indonesia_2017_-_Fixing_Mobile_AppSec.pdf