A European financial institution with a global footprint developed a mobile app to meet customer demand. The app enabled clients to download financial statements onto their devices. It also permitted them to view details and summary information about their accounts online. And it facilitated peer-to-peer transactions to speed payments to other parties.
The Cyber Security Issue
The organization did its best to protect the app-login credentials of its customers from cyber criminals. The app supported two-factor authentication (2FA). 2FA requires the user that has logged into an account also provide a passkey transmitted to the user’s designated device. The user must use the device to enter the passcode to access account information.
The institution went to great lengths to ensure network and server security, using encryption algorithms to secure network communications.
The institution quickly realized, that it could not rely on end-users to install and update cyber security software on their personal devices to protect the financial app.
The company had to initiate security measures for the app and its data on the devices of every one of its customers. They knew, that conventional IT-based cyber security measures rooted in command-and-control deployment of updates of security software were not a reliable option: the app was built to operate on multiple operating systems. Also, the range of mobile brands on which customers would expect the app to run seemed to be mushrooming.
In addition, with a global base of busy customers who were always crossing borders, app makers could never be certain that security updates had been properly installed to protect devices from hackers and new threats.
Promon SHIELD™ Provides the Solution
Executives chose not to wait for a major data breach to happen to a customer device supporting the financial app. Investigations into possible solutions led the IT department to settle on Promon SHIELD™.
Promon SHIELD™ offers an approach to cyber security on mobile and desktop devices called Runtime Application Self-Protection (RASP). RASP affords security functionality at the level of the software applications that people use on their devices.
The financial institution considered Promon SHIELD™ supported features that would provide the level of security a financial app and its data required:
- Jailbreak/Root Detection – Promon SHIELD™ detects when malware is attempting a low-level takeover of a device;
- Repackaging Detection – Promon SHIELD™ stops hackers from changing the nature of software on a device;
- Library Injection Detection – Promon SHIELD™ precludes invasion of software through the software’s library of subroutines;
- Execution Flow Control – Promon SHIELD™ detects changes in the normal flow of an app;
- Process Integrity Checking – Promon SHIELD™ stops malware from hijacking advanced application processes and functions.
Promon SHIELD™ protects the financial app transparently. Banking customers log onto and perform transactions through the app without ever knowing how secure and up-to-date app and data protections are on the device.
The institution also rests more easily that Promon SHIELD™ updates are deployed seamlessly. Updates are easily done without disruption to the organization’s operations or to customer use of their mobile devices.
Promon SHIELD™ works to protect the deepest levels of the app and the core of the financial data customers rely on to enhance their lives.