New INSIDE Secure whitepaper available; The Power and Risk of Mobile

IS_WHPBy INSIDE Secure.

Mobile is fast becoming the preferred method for individuals to access critical online services. This increasingly means that sensitive personal information is being stored on mobile phones. Criminals are aware of the value of this data – which affects a wide range of industries and sectors. These criminals are intelligent and highly resourced so can exploit weaknesses in the mobile platforms, operating systems and applications.

Research suggests that half of mobile users will not take any steps to protect their devices, even when aware of the risks; and so-called operating system defenses are easily broken down. Mobile application developers need to be aware of this; and have to assume that the devices their applications are running on have been – or will be – compromised. This means that developers need to take responsibility of making their applications protect themselves.

Afterthought solutions to protect applications, such as malware and root detection, do not work. There are two reasons for this:

  • Firstly, such detection work on a blacklist model – they search for known problems. This makes it an arms race and one the hackers are winning.
  • Secondly, users react badly to applications that force restrictions on how they can use their phone – some users want to “root” their phone, others do not want to be made to install anti-virus software. These problems can be avoided if security is considered early in the development process.

To protect their services and their users, mobile application developers need to ensure that the following techniques have been applied to their applications to secure them against any potential leak of sensitive data:

  • Code Integrity Checks: Prevents any unauthorized changes to the mobile app.
  • Code Obfuscation: Hides the critical and sensitive portions of a mobile app.
  • WhiteBox Cryptography: Enables secure encryption and data storage on any platform.
  • Processor Native Code: Provides the solid foundations to build the protection layers.

INSIDE Secure’s MatrixSSE combines these techniques into a comprehensive package that has been deployed in more than 400 million mobile applications to secure financial, entertainment and gaming services. These applications have successfully gone through extensive penetration and attack testing by external security labs.

You can read more on this matter in our latest free whitepaper; The Power and Risk of Mobile. Available for download now.

Tags: , , , ,

Categories: Mobile Data Content

CONNECT with Contactless Intelligence

Connect with us here

No comments yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

w

Connecting to %s

%d bloggers like this: