Mobile Threat Defense 5 Things an App provider must ensure-Manish Mimani

Increasing dependence on smartphone applications is accelerating and is almost irreversible. After the COVID outbreak, when we were all forced to stay indoors, mobile phones became a dominant medium for work, shopping, financial/non-financial transactions, information and entertainment. Mobile applications have seen widespread adoption with user expectations constantly rising at a rapid pace.

Numerous brands have joined the app bandwagon to strengthen their relationship with consumers and expand globally. Amid the rapidly growing application users and the application providers’ focus on providing the best possible user experience, the security aspects have not received the attention they deserve. The cyber attackers saw this as a great opportunity and intensified their attacks through mobile devices and applications.

The only way for an application vendor to survive such threats is to enable the mobile application to identify such threats and protect itself on a runtime basis. Before launching your mobile application for your end users, e.g. when your app deals with sensitive user data or financial transactions, make sure your app is robust with respect to these 5 basic security elements:

Device and operating system security

Smartphone users may have reasons for using rooted or jailbroken devices. Some may want to get rid of preloaded apps on their phones or some may want more control over their phones. It can be used to install ad blockers or play music with the screen locked. However, a rooted or a jailbroken device is vulnerable to attacks or malware where sensitive user data can be easily stolen. Application providers must therefore consider whether it will be safe for their users as well as for the enterprise to run their applications on such a device. If not, arranging an appropriate security solution is a must. The security tool should also be able to detect if the device has an updated operating system and if there is an attempt to open the application through emulators/simulators.

Application security

Apps can receive threats from a number of sources and the attackers sit right next to exploiting the vulnerabilities to send malicious attacks and mine user data. Reverse engineering is used by security researchers to find security risks in programs, but it is also used by hackers to attack and manipulate the applications. Two other methods frequently deployed by fraudsters are to trick mobile users into installing apps from links provided in SMS/emails, or to allow mirroring of their device screen when the app is in use. Aim to provide security features in your applications so that the application itself detects such anomalies and initiates action as configured by the application provider organization.

Network security

Use of an unsecured network connection by your mobile application user can invite malicious attacks such as Man-in-the-Middle (MITM), SSL stripping or fake certifications. Give your customers peace of mind by equipping your app with the ability to detect an unsafe network and alert the user. Furthermore, your application should be able to detect proxy/VPN connections, as well as any fake certificates used for SSL decryption.

Malware detection

Market reports indicate that India is one of the countries with the highest no. of malware attacks on mobile phones and that the security breach incidents are increasing with the increasing adoption of mobile payment by Indians. In recent weeks, mobile app users have been targeted by malware and trojans such as Oscorp, Brata, SOVA, Drink, etc. that defraud victims or steal critical data through remote access controls, keylogging, screen recording and other breaching techniques.

It is pertinent for companies that provide mobile applications to ensure that their application has the ability to protect against app spoofing attacks when the application is launched. The app security solution must work all the time as long as the app is alive and active to protect against malware threats, not just at app launch. Sideloaded apps and overlays during app usage are serious threats that need to be effectively managed.

Safeguards must evolve

Adding to the woes of application vendors, the world of cyber attacks is constantly evolving with new methodologies to counter the security measures already deployed. Therefore, the security measures deployed by application providers cannot be static. They should be reviewed and updated regularly. Any vulnerabilities identified during VAPT or Code Review must be addressed quickly.

We all understand how important security frameworks are for systems to continue functioning without any delays or cyber attacks. When security is not considered a top priority from the initial stage, it paves the way for attacks at a later stage. It is required that the mobile banking applications are equipped with a Runtime Application Self-Protection (RASP) framework so that potential threats are addressed on a real-time basis. Organizations that provide mobile applications can use the services of a specialized mobile threat defense (MTD) solution designed to not only repel the application, but also comprehensively protect against unknown threats on customer devices. This, along with strong customer awareness campaigns, is necessary for a safe and secure digital adoption.