INSIDE SECURE | The Wild West of Mobile Security


Verimatrix

The researchers know from past experience that some banks do take the security of their mobile applications seriously. These are the banks the researchers work with on a daily basis. Given that no application in the sample set achieved an A or B rating, the results emphasise how much in the minority these banks are.

Mobile financial payment providers.

New European regulations are putting more requirements on organisations to keep their customers’ data safe. The basis of the requirement is that the customer owns their data and an organisation “borrowing” that data has a duty of care over the information and needs to use “state of the art” security to keep customer data from falling into unauthorised hands. Any lapses in that duty can result in large fines (up to €20m or 4% of turnover, whichever is higher).

Cutting Edge (technology has been on the market for < 2 years)

It is not recommended to build security solutions in-house; rely on a proven solution that is exposed through a broad install base and is backed by teams dedicated to securing mobile applications.

It is important to plan ahead so that the risk is reduced and a remediation plan is in place to minimise any fallout, both in terms of image and PR and technically.

Device binding is a technique to lock an instance of the mobile application to a particular phone. This stops the application being cloned. It also helps control access to back-end servers as user credentials can be locked to a given device.

