Cyber attacks in the recent past have been causing huge losses in revenues for enterprise and also for individuals transacting online. While there have been technology developments to secure the web, the loopholes are many still, for the hackers to exploit. Mobile banking apps have been the latest hunting ground for many cyber criminals.
Although companies are aware of the threat and the need for security, most do not know how to prevent these attacks, especially in today's era where every device is in sync. According to IDC, the mobile payments market will eventually clock transactions of over $1 trillion by 2017.
The latest Kindsight Security Labs report from Alcatel-Lucent highlights that there are currently over 15 million infected mobile devices worldwide - a 20 percent increase from 2013. The Kindsight Security study also found an increase in mobile spyware.
A comprehensive security approach would include the following three factors:
Risk detection on devices
The mobile banking app may have its security measures at a place, but if your device is jailbroken you may be exposed to extreme risk. Jailbreaking a device compromises its security model, giving cybercriminals the opportunity to hack through malware or rogue apps. Outdated operating systems can be another reason behind a security attack. Make sure you use device tracking systems that can keep you informed about such situations allowing you to inform and educate particular customers specifically.
Cyber criminals use mobile devices to access a victim's account through mobile browsers or mobile banking apps. There are ways to maintain anonymity across mobile devices, making it challenging to track the offenders. Stolen credentials through phishing or malware are some of the prevalent ways to exploit and take control of user accounts. Keep a track of security across all these channels.
When a user downloads an app, it is in binary code format, and if the steps have not been taken to protect this binary code, the app is susceptible to reverse engineering. It can be used to modify codes, or to duplicate applications. Products that provide obfuscation and app wrapping are now getting popular as a means to protect source code and prevent reverse engineering.