Mobile devices are rapidly becoming the instrument of choice for digital users, impacting the financial sector as well. The new generation needs banking to be mobile-friendly. Per the findings of the Federal Reserve, mobile banking usage is at 67% for the age group of 18-to-29. The primary concern for not adopting mobile for banking was security. With mobility being an unstoppable force, organizations need to understand this risk vector to adequately plan for and mitigate threats. This article is directed toward some of the most notable (and exploited) vulnerabilities in the mobile space.
As with any malware, mobile malware is a piece of code written to attack a smartphone or similar device. Mobile malware history goes back to at least the year 2000, when the first known mobile malware, "TIMOFONICA", was detected by researchers. In 2016, malware like "Godless", which can root up to 90% of Android devices, was found in the wild.
A quick look at the analytics done by Kaspersky Lab shows the number of mobile banking Trojans is going up. About 56,194 users were attacked by mobile banking Trojans at least once during the year 2015.
Malware currently active in the wild can be classified as spyware/adware, Trojans and viruses, phishing apps, or bot processes. Their sole intention is to capture valuable personal information and exfiltrate it.
Mobile devices support multiple platforms like iOS, Android, Windows, etc. With iOS and Android dominating the market, let's take a look at relevant vulnerabilities that are exploited:
Fraud protection provides organizations with preventive and detective mitigation approaches for modern mobile applications. A range of techniques is used to assess the security integrity of the device; this information is provided to the application and shared with an organization's risk engine to mitigate and remediate threats. Some key features that help overcome these threats include:
Certificate Forging Detection: Checking the certificate helps protect against man-in-the-middle attacks. The functionality checks the certificate's validity against the stored information.
DNS Spoofing Detection: Defends against man-in-the-middle attacks by resolving server names and comparing them against stored information.
Jailbreak/Rooting Detection: Detects a compromised device by checking for root privileges.
Malware Detection: Looks for indicators of compromise and conducts behavior analysis to find installed malware on the device.
Unpatched/Unsecure OS Detection: The SDK is able to determine the Android/iOS version and provide the information to an application.
Focus Stealing Detection: The feature allows an application to detect if a rogue application stole focus from the protected application. MobileSafe will generate a broadcast event for the application to respond to this threat.
Repackaging Detection: For Android apps, the solution will check the signature to ascertain its authenticity. For iOS, checking for repackaging involves computing MD5 hashes and validating them.
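The certificate and DNS checks in the list above both compare what the device observes against stored information. The sketch below is an added example, not F5 MobileSafe code: the pin set, the network range, the finding names and the sample certificate bytes are all constructed assumptions.

```python
import hashlib
import hmac
import ipaddress
import socket
import ssl

# Constructed sample data: stand-in bytes for the genuine server certificate (DER).
GENUINE_DER = b"constructed-der-bytes-of-the-genuine-certificate"

# "Stored information" shipped with the app (assumed values for this example).
# Keeping more than one pin lets the server rotate certificates without breaking the app.
PINNED_CERT_SHA256 = {hashlib.sha256(GENUINE_DER).hexdigest()}
PINNED_NETWORKS = [ipaddress.ip_network("203.0.113.0/24")]  # documentation range


def cert_matches_pin(der, pins=PINNED_CERT_SHA256):
    """True if the SHA-256 of the presented certificate equals a stored pin."""
    digest = hashlib.sha256(der).hexdigest()
    return any(hmac.compare_digest(digest, pin) for pin in pins)


def addresses_match_pins(addrs, networks=PINNED_NETWORKS):
    """True only if at least one address resolved and every one is in a stored network."""
    parsed = [ipaddress.ip_address(a) for a in addrs]
    return bool(parsed) and all(any(ip in net for net in networks) for ip in parsed)


def assess(der, addrs):
    """Return the list of findings to hand to the risk engine (empty means clean)."""
    findings = []
    if not cert_matches_pin(der):
        findings.append("certificate_mismatch")
    if not addresses_match_pins(addrs):
        findings.append("dns_mismatch")
    return findings


def live_inputs(host, port=443):
    """Collect both observations from the network for a real host."""
    infos = socket.getaddrinfo(host, port, proto=socket.IPPROTO_TCP)
    addrs = sorted({info[4][0] for info in infos})
    ctx = ssl.create_default_context()  # normal chain validation still applies
    with socket.create_connection((host, port), timeout=5) as sock:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            return tls.getpeercert(binary_form=True), addrs
```

A host served from a CDN changes addresses often, so the stored networks need the same update path as the certificate pins.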
Setting Up the Environment
The solution can be set up by enabling F5 MobileSafe on an existing WebSafe environment.
Mobile devices provide users with convenient and easy access to online services, fuelling massive adoption. Hackers are trying to maximize new attack vectors because of the limited understanding of security in this domain. F5's Fraud Protection Solution provides organizations with a view into the mobile endpoints and protects against modern and sophisticated threats.