Go to content Phone human-readable description of the message we trying to accomplish. Search human-readable description of the message we trying to accomplish. Map pin human-readable description of the message we trying to accomplish.

Sadly, it has always been true that criminals follow the money. Now that money and financial applications are sitting in our mobile devices, they are under attack. And because of the large-scale usage of banking and social media, the attacks are now potentially worthwhile, as are the rewards.

It should therefore come as no surprise that there is a new Android malware Trojan targeting around 94 US and European banking apps, as well as a bunch of social media apps. These include apps from top tier financial services companies, including American Express, Wells Fargo, PayPal, Santander and others. I’m sure that all of these apps include a level of software protection, but the attack appears to bypass this by gaining root access to the handset. Sadly, with software protection, it is always going to be a cat and mouse game, much like the anti-virus updates you used to see every few days on your laptop or computer.

However, there is a solution. Accessible hardware protection is available in over 750 million Android handsets and, because the separation is done at the processor level, it can’t be bypassed by crafty hackers. The usual question is: “What do we do about the handsets that don’t support the hardware?”.  Well, Trustonic offers a hybrid solution which automatically delivers security at the hardware level if it is available on the handset, but provides sophisticated software protection if it isn’t. This hybrid solution is far more secure than a pure software-based solution, offering scale across all devices, and, importantly, optimal security protection – hardware TEE where available, software everywhere else.

While there will inevitably be other potential sources of easy illicit money somewhere in the world for those so-inclined, the days of it being worthwhile investing time and effort in trying to prise money from banking apps should really be numbered.

For more information on how Trustonic can help to protect mobile payments, our upcoming webinar on 6thDecember will be invaluable. Further details are available at http://bit.ly/2eW4XVS

Related content

Korea’s KB Bank Uses Trustonic In-App Protection to Enhance Mobile Banking Experience

Using Trustonic Application Protection enables KB Bank to dramatically improve the authentication experience for users of its mobile banking app and allow secure high value transactions

2nd April, 2020 – Mobile cybersecurity leader, Trustonic, today announces the successful implementation by KB Kookmin Bank (KB Bank) of Trustonic Application Protection (TAP) to enable a simpler authentication experience for users of its KB Star Banking app.

Trustonic + Lookout – Advanced Mobile Security for Banking & Fintech Apps

The need for in-app protection for critical mobile apps is greater than ever. The partnership between Lookout and Trustonic brings together two of the most robust app security platforms on the market, delivering the advanced security and protection required by banks and fintechs wishing to offer PSD2-compliant services and Strong Customer Authentication (SCA) requirements.

Lookout & Trustonic Partner to Provide Comprehensive End-To-End Mobile App Security

San Francisco, CA - October 17, 2019 - Lookout, Inc, the leader in securing the post-perimeter world, has announced a record year for its App Defense product with new customer acquisitions and strategic go-to-market partnerships. App Defense helps enterprises protect their customer-facing apps from data compromise and fraudulent transactions. Breaches can have a significant impact on brands as hackers can compromise consumer's credentials, steal PII data and initiate account takeovers.

The Benefits of Trusted User Interface (TUI)

Trusted User Interfaces (TUIs) are the next big thing for securing critical mobile apps. The Trusted User Interface feature allows a Trusted Application to interact directly with the user via a common display and touch screen, completely isolated from the main device OS.

All Financial Services posts
Back to top