Go to content Phone human-readable description of the message we trying to accomplish. Search human-readable description of the message we trying to accomplish. Map pin human-readable description of the message we trying to accomplish.

Sadly, it has always been true that criminals follow the money. Now that money and financial applications are sitting in our mobile devices, they are under attack. And because of the large-scale usage of banking and social media, the attacks are now potentially worthwhile, as are the rewards.

It should therefore come as no surprise that there is a new Android malware Trojan targeting around 94 US and European banking apps, as well as a bunch of social media apps. These include apps from top tier financial services companies, including American Express, Wells Fargo, PayPal, Santander and others. I’m sure that all of these apps include a level of software protection, but the attack appears to bypass this by gaining root access to the handset. Sadly, with software protection, it is always going to be a cat and mouse game, much like the anti-virus updates you used to see every few days on your laptop or computer.

However, there is a solution. Accessible hardware protection is available in over 750 million Android handsets and, because the separation is done at the processor level, it can’t be bypassed by crafty hackers. The usual question is: “What do we do about the handsets that don’t support the hardware?”.  Well, Trustonic offers a hybrid solution which automatically delivers security at the hardware level if it is available on the handset, but provides sophisticated software protection if it isn’t. This hybrid solution is far more secure than a pure software-based solution, offering scale across all devices, and, importantly, optimal security protection – hardware TEE where available, software everywhere else.

While there will inevitably be other potential sources of easy illicit money somewhere in the world for those so-inclined, the days of it being worthwhile investing time and effort in trying to prise money from banking apps should really be numbered.

For more information on how Trustonic can help to protect mobile payments, our upcoming webinar on 6thDecember will be invaluable. Further details are available at http://bit.ly/2eW4XVS

Related content

The Benefits of Trusted User Interface (TUI)

Trusted User Interfaces (TUIs) are the next big thing for securing critical mobile apps. The Trusted User Interface feature allows a Trusted Application to interact directly with the user via a common display and touch screen, completely isolated from the main device OS.


What is a Trusted Execution Environment (TEE)?

A Trusted Execution Environment (TEE) is an environment for executing code, in which those executing the code can have high levels of trust in that surrounding environment, because it can ignore threats from the rest of the device.


What is TrustZone?

Arm® TrustZone® technology provides a cost-effective methodology to isolate security critical components in a system, by hardware separating a rich operating system, from a much smaller, secure operating system.



All Financial Services posts
Back to top