MOBILE SECURITY BLOG

With the drastically increasing frequency of hacking attempts on mobile applications, on both iOS and Android, and the often devastating consequences they unleash, it is more crucial than ever to use mobile application security solutions. Hardening and shielding refer to a set of technologies designed to protect applications against piracy, exploits, breaches, tampering, as well as reverse-engineering and invasive monitoring, therefore securing intellectual property and ensuring compliance with the current data privacy regulations.

Do you usually install your airline mobile app when traveling? You may think twice before using it for your next vacation.

Our latest study based on the security testing of global top 50 airline mobile applications shed the light on some alarming data privacy concerns. The audit was performed this week by Pradeo Security, an engine designed to reveal mobile apps’ behaviors (data processing) and vulnerabilities. Among the 50 mobile applications tested, had been included the most used ones globally, mainly from North America, Western Europe and Eastern Asia.

Most online transactions require a two-step authentication, and the One-Time-Password (OTP) sent by SMS is often one of those two steps. The purpose of an OTP is to prevent fraud by confirming that the person making the transaction and the credit card owner are one and the same. To do so, a temporary code is automatically sent by SMS to the phone number associated with the bank account used.

Banks have digitalized their services to offer the best experience to their clients. As a result, it is now of current use to check accounts and transfer money from mobile banking applications, arousing the interest of hackers to exploit the wide mobile attack surface. Facing this new vector of threats, the Bank to which this use case refers decided to ensure the security of its mobile banking application by leveraging Pradeo Security Runtime Application Self-Protection (RASP) solution. 

While the World Cup is around the corner, football applications are becoming omnipresent. Among their features, you can check live scores, follow your team ranking, create an account linked to your social media etc. At first sight, nothing scary. But while investigating applications* connected to one of the most followed event in the world, Pradeo’s research team found out a worrying trend: most of them are highly intrusive and vulnerable. On top of the list, there is the Eurosport app which was downloaded more than 10 million times.