Mobile application shielding


        In recent years, the financial services industry has faced challenges and explored new opportunities to make digital transformation a reality. 

        The arrival of Fintechs has pushed tech companies and forward-thinking banks to innovate, leading to the launch of successful eBanking, mobile banking and payment services, and changing consumer behavior and expectations forever.  

        We can all now open a bank account in less than 10 minutes, pay by waving a phone or send money to a peer from a mobile app.

        Unsurprisingly, this step-change is accompanied by new and a growing number of mobile security threats

        100% increase in banking Trojans in 2018

        McAfee Labs noted a +77% increase in banking Trojans in 2017 and another +100% from January to September 2018 in its Q1 2019 threats report.

        More globally, mobile financial apps containing valuable data are prey to an increasing number of attacks.

        According to the same company, today's malware is very aggressive and powerful. Malware is no longer developed just by isolated groups or teenagers who want to prove something. It is now developed by criminal groups, and hacktivists, to spy on, steal, or destroy data and generate millions of USD in profit.

         

        The growth of mobile malware from 2015-2017 shown below has kept on booming in 2018 with a clear focus on mobile banking as for fraudsters "Banks are where the money is".

        mobile app shielding 

        New types of malware are spreading through very different methods: from non-official app stores (over all 200B have been downloaded in 2018 alone), from emails containing viruses in their attachments, through trojanized legitimate applications, and from computers to mobile phones.

        Recent social engineering attacks on corporate banking have proven the creativity of cybercriminals. 

        The 3 challenges of mobile banking security

        In this context, mobile banking service providers need to solve a complex puzzle when it comes to protecting their applications:?

        • Maximize user reach despite mobile device fragmentation
        • Address the lack of control of mobile devices in the field and how they are used
        • Maintain end-user convenience with authentication solutions that work for everyone.?

        Here is when Application Shielding comes to the rescue.

        How can we secure mobile banking apps?

        Gartner defines Application Shielding in its Market Guide for Application Shielding as 

        "a set of technologies that modify an application's source, byte or binary code, to make the application more resistant to intrusion, tampering and reverse engineering".

        Indeed, "Application shielding is a research-intensive space in constant evolution, with vendors that require R&D effort to maintain credible solutions. Constant updates from vendors are needed in this space."  

        Mobile app shielding toolkit 

        Gemalto Mobile Security Toolkit is a comprehensive Mobile Application Shielding offering that integrates all the best practices that Gemalto has built and implemented over the years in the digital banking world to secure mobile applications and guarantee their data integrity. 

        The list of possible vulnerabilities of unprotected mobile applications is long. 

        The Toolkit lets you focus just on developing your mobile application, not on its security. 

        There's more.

        It enables you to implement the latest protection techniques while saving you time, energy and money.

        Gemalto Mobile Security Toolkit will help you to:

        Defend

        • Integrity of Mobile App
        • Sensitive Assets

        Detect

        • Unsafe environments
        • Attacks attempts

        React

        • ??Stop execution
        • Perform custom actions such as warning users or sending an alert to a risk-management server?

          Mobile shielding security pillars

        RASP
        RASP

        Runtime Application Self Protection
        Detect that the mobile environment is potentially compromised or mobile application is under attack

        Obfuscation
        Obfuscation

        Prevent hackers from scrutinizing the mobile application and understanding its logic and security protections

        ?





        hardening mobile app ??
        white box cryptography 
        White Box Cryptography?

        Hide secrets and cryptographic keys from the hacker, even in a compromised environment


        Secure User Interface

        ??Secure Keypad

        Prevent discovery of the Knowledge factor

        ?

        Advanced mobile security features

        Gemalto Mobile Security Toolkit provides advanced and tailor-made security features. 

        1. ?Runtim?e Application Self Protection
          Gemalto Mobile Security Toolkit offers protection against dynamic analysis thanks to Runtime Application Self-Protection (RASP), such as Jailbreak/root detection, anti-hooking, anti-debug and anti-tampering.

        2.  Obfuscation
          Gemalto Mobile Security Toolkit offers protection against static analysis (code hardening). It secures your application against cloning, piracy, tampering and key extraction by applying state-of-the-art obfuscation and encryption techniques.

        3. Secure storage
          The secure storage functionality is built to protect sensitive data that is stored within the mobile banking application itself, such as cryptographic keys or any other type of secrets?

        4. Secure User Interface
          Finally, Gemalto Mobile Security Toolkit offers a secure keypad, which is a unique feature on the market. This secure keypad prevents key logging and memory dump attacks.

        Gemalto Mobile Security Toolkit protects your banking application from the most sophisticated and targeted malware, securing the most valuable asset for a bank: consumer trust.

        Gemalto Mobile Security Toolkit is the perfect foundation for a multi-layered security approach that includes multi-factor authenticationsecure messaging and risk–based authentication.

        It's a natural way to be fully in line with all the requirements of new regulations such as PSD2?, FFIEC, MAS and HKMA.

        App shielding: How does it actually work?

        Here is how Gemalto Mobile Security Toolkit protects your app from sophisticated and targeted malware, detects suspicious environments, and helps you react quickly and make sure your sensitive data is secure.

        Stay with us and watch these videos.

        • Root / Jailbreak detection


          Find out how secure environment detection works, with mobile apps detecting Operating System (Android and IOS) vulnerabilities and reacting accordingly.

          Watch video

        • Data encryption


          Find out how data encryption can protect sensitive data from being revealed in clear.

          Watch video

        • Code obfuscation


          Find out how intensive code obfuscation protects against reverse engineering, preventing the code logic and structure from being revealed in clear.

          Watch video

        • Secure keypad


          Find out how secure key pads protect against PIN/Password capture by spying malwares (key loggers).

          Watch video

        Now it's your turn

        What do you think??

        If you've something to say on mobile security and app shielding, a question to ask, or have simply found this page useful, please leave a comment in the box below

        We look forward to hearing from you.?


        爱播速影院