| Online: | |
| Visits: | |
| Stories: |
| Story Views | |
| Now: | |
| Last Hour: | |
| Last 24 Hours: | |
| Total: | |
More Security Needed for Mobile Apps: Kokes
Too many mobile apps are being released without adequate security, Mark Kokes, vice president, corporate development and intellectual property licensing for Intertrust Technologies Corp., tells Mobile Marketing & Technology.
Kokes was a keynote speaker at the recent MM&T Mobile Payments Conference in Miami Beach, Fla.
“The Internet and like the app stores are like the Wild West,” Kokes says, adding that even the Apple App store and the Google Play, which both have security protocols approved by Apple and Google, respectively, can have security compromised if the user makes changes to a downloaded app.
Additionally, authorized app users will probe for “secured” keys that will unlock content or personal information such as credit card or Social Security numbers.
In order to protect against such tampering, companies offering apps need to follow the following security practices, according to Kokes:
- Use advanced code and data obfuscation techniques at the source code level
- Implement secure jailbreak/root detection
- Implement anti-debugging protection to prevent an attacker from analyzing an app within a debugger
- Use multi-level integrity protection to thwart tampering and malware injections
- Use cross checking techniques for shared libraries by signing libraries with cryptographic signatures.
If Target had followed the above techniques, it would have prevented the breach that has cost financial institutions an estimated $200 million, according to Kokes. Target has yet to determine what the breach cost the firm, though it did blame the incident for some of the drop in the retailer’s revenues and sales its most recent financial report.
Source: http://mobilemarketingandtechnology.com/2014/02/21/more-security-needed-for-mobile-apps-kokes/
