Although I can say that most financial institutions are not nearly as scrupulous in checking their systems as you would expect.
When I would work my way through their auth layer, I'd be sending them like 500 login requests every hour. They never contacted the account I used, so I have to assume they weren't checking for abnormalities like that.
The only time I really fucked up was when I tried to do that with a particular broker in Singapore. Singaporean companies have their shit _locked down_. I spent one hour debugging one of their endpoints, and it let off so many alarms that the CTO of their company was woken up in the middle of the night.
I respect the need to abide by an NDA, and I assumed something along those lines would be the case. Thanks for the tidbits nonetheless! The intersection between finance and tech at the highest levels like that has always intrigued me.
When I would work my way through their auth layer, I'd be sending them like 500 login requests every hour. They never contacted the account I used, so I have to assume they weren't checking for abnormalities like that.
The only time I really fucked up was when I tried to do that with a particular broker in Singapore. Singaporean companies have their shit _locked down_. I spent one hour debugging one of their endpoints, and it let off so many alarms that the CTO of their company was woken up in the middle of the night.