https://www.owasp.org/index.php/Session_Management_Cheat_Sheet

https://www.owasp.org/index.php/Transport_Layer_Protection_Cheat_Sheet

https://www.owasp.org/index.php/HTTP_Strict_Transport_Security

https://www.javacodegeeks.com/2013/06/java-security-tutorial-step-by-step-guide-to-create-ssl-connection-and-certificates.html

Alternative zum Zahlungen selbst implementieren? : https://stripe.com/de