As the recent Equifax security breach reinforced, as the sophistication of our technology continues to increase, so will the susceptibility of organizations information to being compromised by a data breach. In fact, the Equifax hack was so massive that it affected nearly half of the United States population. Or, more precisely, 143 million consumers. You do not want your company even remotely associated with this type of public relations nightmare.
Furthermore, It’s these types of situations that are making the public increasingly wary of transferring information via mobile devices. Mobile phone companies security systems protect their operating systems but not the mobile payment application providers. The big concern is that if your company’s app is compromised, that information can be used to launch a much wider attack. This is why Aaron Lint, Vice President of Research at Arxan Technologies, says: “As consumers increasingly rely on mobile payment services, the institutions must evolve their protection and prevention practices to include intelligent, responsive defenses built inside their applications.”
- Research is showing that mobile devices are increasingly un-trusted.
- As an institution, you must set risk policy based on the usage of mobile devices which are hard to quantify in terms of risk.
- The devices themselves are responsible for enforcing their own policies.
- These policies are designed to protect the platform, and the user, not the app provider (institution)
- The Apps contain information that can be directly used to launch an attack against your institution.
- It calls for the need to build defenses inside the applications, and connect that intelligence with your existing risk management practices.
- With defense built inside the app, it minimizes the risk of trusting mobile devices.