Dr. Vincent Haupert

Security Researcher • Entrepreneur • Consultant • Speaker

What I am all about

I am a computer security researcher and proven expert in the field of mobile banking and fintech security. I do freelance work in information security: from design and conception to implementation and execution. Mainly, I've been working as a mobile security consultant for popular German banks, fintechs and car manufacturers as well as their suppliers. I've worked for companies throughout the EU and also the US, though.

Prior, I have been a research fellow and PhD candidate at the IT Security Infrastructures Lab in the Computer Science Department of the Friedrich-Alexander University Erlangen-Nürnberg. I'm still associated to the lab. Before I started to work as a freelancer full-time, I served as Chief Information Security Officer for an Allianz company.

In 2022, I co-founded YAXI, a fintech which reimagines how companies implement access to bank accounts of their users. Through its unique confidential computing approach, YAXI allows regulation-free access to regulated bank APIs without ever seeing sensitive data.

My work receives broad coverage in the media and quality press making me a well-received speaker and panelist. In 2021, I have been recognized as 40 under 40 of Capital magazine.

CV Overview

CV Overview

Work Experience

Since 2022

Chief Executive Officer

Co-Founder and managing director of YAXI, a fintech to develop open, secure and privacy-friendly access to regulated banking APIs in Europe.

Top grant from BayTOU
Winner Start?Zuschuss!
Winner Bavarian business plan competition
Winner Bitkom Digital Finance Conference pitch competition
Eligible for BAFA INVEST

YAXI GmbH 

Neustadt an der Aisch, Germany

Since 2015

Freelancer

Consulting in the field of information security.

40 under 40 of Capital magazine

2019 - 2021

Chief Information Security Officer

IconicFinance GmbH

Munich, Germany

2017 - 2019

Co-Founder

Security assessments for Android and iOS applications.

4th Place BaystartUP Business Plan Competition

Pentive

Nürnberg, Germany

2016 - 2019

Research Fellow

Responsible for the research project Software-based Hardening for Mobile Applications.

Friedrich-Alexander University Erlangen-Nürnberg

Erlangen, Germany

2013 - 2016

Research Assistant

Tutor for the courses Hacking Lab and Software Reverse Engineering. Research in the field of system and mobile security.

Friedrich-Alexander University Erlangen-Nürnberg

Erlangen, Germany

2013 - 2016

Working Student

Software Engineer in the department of IT Security Products.

DATEV eG

Nürnberg, Germany

2010 - 2013

Apprenticeship

Computer Science Expert (Fachinformatiker Anwendungsentwicklung).

DATEV eG

Nürnberg, Germany

Education

2022

Law Student

Staatsexamen
Interrupted to build YAXI

Friedrich-Alexander University Erlangen-Nürnberg

Erlangen, Germany

2016 - 2019

Doctor of Engineering

Information Security, Dr.-Ing.
Thesis: "Security of Mobile Banking between Innovation and Regulation" (PDF)

Friedrich-Alexander University Erlangen-Nürnberg

Erlangen, Germany

2014 - 2016

Master of Science

Computer Science, M.Sc.

Friedrich-Alexander University Erlangen-Nürnberg

Erlangen, Germany

Deutschlandstipendium: scholarship for highly talented students

Federal University of Paraná

Curitiba, Brazil

DAAD UNIBRAL scholarship
DAAD FITweltweit scholarship

2011 - 2014

Bachelor of Science

Computer Science (B.Sc.)

Friedrich-Alexander University Erlangen-Nürnberg

Erlangen, Germany

2010 - 2013

Computer Science Expert

"Fachinformatiker für Anwendungsentwicklung"

DATEV eG

Nürnberg, Germany

Language Skills

German

Native speaker

English

Highly proficient in speech and writing

Portuguese

Very good command

Talks

bwsecurity day 2020

Praktische Sicherheit im Onlinebanking

Zurich. March 11, 2020

Gemalto

Grenzen und Perspektiven im Mobilebanking

Zurich. March 28, 2019

Mastercard Advisory Board

Fintech Security

Berlin. October 11, 2018

Bitkom

Sicherheitsanforderungen im Digital Banking

Berlin. July 5, 2018

LKA Baden-Württemberg

Sicherheit beim Mobilebanking

Stuttgart. April 12, 2018

Elster-Dialog

Grenzen und Perspektiven mobiler Smartphoneauthentifizierung am Beispiel digitaler Bankgeschäfte

Starnberg. January 22, 2018

34th Chaos Communication Congress

Die fabelhafte Welt des Mobilebankings

Leipzig. December 27, 2017

DG Verlag Karten-Forum

Sicherer Zugriff auf das Bankkonto

Bad Homburg. November 6, 2017

Reiner SCT Bankentag

Sicherheit App-basierter TAN-Verfahren

Bochum. March 9, 2017

33th Chaos Communication Congress

Shut Up and Take My Money! The Red Pill of N26 Security

Hamburg. December 27, 2016

32th Chaos Communication Congress

(Un)Sicherheit von App-basierten TAN-Verfahren im Onlinebanking

Leipzig. December 28, 2015

Panels, Podcasts & Discussions

MDR: Das kleine Anlage-ABC

M ... wie Multibanking-Apps 

August 4, 2022

Golem.de

Die zwei Fronten der Onlinebanking-Sicherheit 

July 13, 2022

SWR: Geld, Markt, Meinung

Mobiles Banking - Chancen und Risiken 

April 30, 2022

NDR: Dürfen Die Das?

O-Ton zur Sicherheit bei digitalen Bankgeschäften 

March 10, 2022

Finanztest 02/2022

Interview zur Sicherheit beim Mobilebanking 

January 18, 2022

NDR Markt

Risiken beim Online-Banking 

August 30, 2021

16. Internationale Konferenz für Finanzdienstleistungen

Die Grenzen des Digitalen - Zukunft des Bankings

June 18, 2021

Transactions 2020

Q&A with Edward Snowden

February 25, 2021

Banking Exchange

Security bei Banken und Fintechs

June 9, 2020

Optile & J. P. Morgan

SCA: What’s next for customers and merchants?

November 28, 2019

Payment & Banking FinTech Podcast

SCA und seine Anforderungen

June 7, 2019

Banking Exchange

Security

Frankfurt on the Main. September 27, 2018

EKS Kartensicherheit 2018

Zahlen Sie eigentlich schon mit Ihrem Smartphone?

Offenbach on the Main. September 25, 2018

Payment & Banking FinTech Podcast

PSD2 Security

March 16, 2018

RatePAY

Ask Me Anything

March 8, 2018

Payment Exchange

Cybercrime

January 26, 2018

American Express Insights Network

Sicherheit im Zahlungsverkehr

September 14, 2017

Deutschlandfunk "Marktplatz"

Auf Nummer sicher? Bezahlen und überweisen im Internet

July 13, 2017

Payment & Banking FinTech Podcast

Sicherheit bei Fintechs

January 9, 2017

Academic Publications

2024

Jochen Hoffman and Vincent Haupert. "Exklusivität der Apple Wallet: Missbrauch oder Sicherheitsgewinn?". Recht der Zahlungsdienste 1 (2024): 36-43.

2020

Dominik Maier, Henrik Erb, Pattrick Mullan, and Vincent Haupert. "Camera Fingerprinting Authentication Revisited". Proceedings of the International Symposium on RAID 2020, Donostia / San Sebastian, Spain. Cham, Switzerland: Springer International Publishing, 2020.

2019

Vincent Haupert. "Sicherheit mobiler Bankgeschäfte zwischen Innovation und Regulierung" (German, PDF). Dissertation, 2019.
Vincent Haupert, and Stephan Gabert. "Where to Look for What You See Is What You Sign? User Confusion in Transaction Security." Proceedings of the ESORICS 2019, Luxemburg Ed. Kazue Sako, Steve Schneider, Peter Ryan, Cham, Switzerland: Springer International Publishing, 2019.
Vincent Haupert, and Stephan Gabert. "How to Attack PSD2 Internet Banking." Proceedings of the FC 2019, Saint Peter Basseterre. Cham, Switzerland: Springer International Publishing, 2019.

2018

Malte Kraus, and Vincent Haupert. "The Swift Language from a Reverse Engineering Perspective." Proceedings of the ROOTS, Vienna. New York, NY, USA: ACM International Conference Proceedings Series (ICPS), 2018.
Vincent Haupert, et al. "Honey, I Shrunk Your App Security: The State of Android App Hardening." Proceedings of the DIMVA 2018, Paris. Ed. Giuffrida, Bardin; Sébastien, Blanc Gregory. Cham, Switzerland: Springer International Publishing, 2018. 69-91.
Vincent Haupert, and Gaston Pugliese. "Ich sehe was, das du nicht siehst: Die Realität von Mobilebanking zwischen allgemeinen und rechtlichen Anforderungen." Proceedings of the Sicherheit, Schutz und Zuverlässigkeit, Konstanz; Ed. Langweg, Hanno; Meier, Michael; Witt, Bernhard C.; Reinhardt, Delphine. Bonn: Köllen Druck+Verlag GmbH, 2018. 157-168.
Vincent Haupert, and Tilo Müller. "On App-based Matrix Code Authentication in Online Banking." Proceedings of the ICISSP 2018, Funchal, Madeira. Ed. Furnell Steven; Mori Paolo; Camp Olivier. Setúbal: SciTePress, 2018. 149-160.

2017

Vincent Haupert, Dominik Maier, and Tilo Müller. "Paying the Price for Disruption: How a FinTech Allowed Account Takeover." Proceedings of the ROOTS, Vienna, Austria. New York, NY, USA: ACM, 2017. 7:1-7:10.
Jochen Hoffmann, Vincent Haupert, and Felix Freiling. "Anscheinsbeweis und Kundenhaftung beim Online-Banking." Zeitschrift für das gesamte Handelsrecht und Wirtschaftsrecht 181.5 (2017): 780-816.
Vincent Haupert, and Tilo Müller. "Rest In Protection: A Kernel-Level Approach to Mitigate RIP Tampering." Proceedings of the ICISSP 2017, Porto. Ed. Mori, Paolo; Furnell, Steven; Camp, Olivier. Setúbal: SciTePress, 2017. 25-37.

2016

Vincent Haupert, and Tilo Müller. "Auf dem Weg verTAN: Über die Sicherheit App-basierter TAN-Verfahren." Proceedings of the Sicherheit, Schutz und Zuverlässigkeit, Bonn. Ed. Meier, Michael; Reinhardt, Delphine; Wendzel, Steffen. Bonn: Köllen Druck+Verlag GmbH, 2016. 101-112.

Contact

Address
Dr. Vincent Haupert
Hallerstr. 42
90419 Nürnberg
Bavaria, Germany
Email
mail@vincent-haupert.de (Age, PGP, S/MIME)
Phone Number
+49 911 25 56 97 58
Threema
54K78E3P
VATIN
DE301770807