Tag: smartphone security

Mobile commerce continues to have a dubious track record on the security front

Security in the mobile commerce space may be more serious than previously thought. Like other computer systems, smartphones and tablets are susceptible to malware, viruses, and malicious attacks that seek to exploit the personal information of a user. Over the years, nearly every facet of mobile technology has been compromised in some form or another, calling for more robust security features to be introduced in every succeeding generation of smartphones and tablets. SIM cards have long remained resilient against conventional attacks, providing mobile devices with some degree of security that had not yet been overcome. That has changed.

Major security flaw uncovered with millions of SIM cards

German cryptographer Karsten Nohl has announced that he has successfully discovered encryption and software flaws that put millions upon millions of SIM cards in danger of hacking and other such attacks. Notably, these flaws could have a major impact on the mobile commerce space, much of which is based on NFC technology, which itself has been criticized for having lackluster security features. Nohl suggests that millions of mobile devices could be at risk of exploitation because of the flaw in SIM cards.

More information on vulnerability to be provided at security event

Nohl is expected to demonstrate his findings at an upcoming security event that will be help in Las Vegas, Nevada, later this month. During the event, Nohl will showcase the discoveries he has made over his three years of research into the matter. The event may shed some light on how SIM card vulnerabilities could affect the mobile commerce sector. Given that security continues to gain somewhat dubious attention in this sector, more consumers are becoming wary of participating in mobile commerce lest they fall victim to malicious attacks.

Mobile commerce may avoid disaster if companies take aggressive security measures

While the SIM vulnerability could prove very problematic for consumers, Nohl notes that two large telecommunications companies have already reached out to him for information on the issue. These companies are using this information to develop a security fix for the issue in an attempt to protect consumers. If more companies take similar steps, the SIM card vulnerability may have only a modest impact on the mobile commerce space.

False Android applications are becoming much more common in official marketplaces.

When it comes to mobile security, malware and other related issues can appear in some of the places that you’d least expect them, including many seemingly harmless apps that can bring about a world of problems to their users.

Although many device users feel safe when they stick to official marketplaces, they may not be as secure as they think.

In the universe of fake Android apps, it used to be the case that they were primarily found in sketchy underground forums. However, there are also a swath of “unauthorized” applications appearing in official marketplaces and that are leading to mobile security issues for those who download and install them.

These mobile security threats aren’t typically malware in the most traditional sense of the word.

Though some may contain an Android Trojan virus that will download additional apps into a device or alter its normal operation, others can slip in undetected and collect the user’s personal data, only to send it away to remote servers of the developer. Many of them are using the old “bait and switch” technique that users often experience when they feel that they’re downloading one kind of app only to discover that they have received something primarily designed to keep a ton of ads constantly being displayed or that the home screen is changed around.

Unless absolutely necessary, it’s wise not to check off the option for the device to install apps from “unknown sources” on an Android device. This can create a tremendous number of mobile security problems if it is not done. Though it is necessary to check that box when testing an app that is currently under development and that is legitimate, it is extremely unwise to take that step in order to try to obtain pirated content. In those cases, you never know what you’re actually installing onto your device.

It is also a good idea for mobile security to check the developer, as a number of apps are being produced that look legitimate, but that are clearly not from official sources. For instance, there are dozens of games that look like they have Disney titles, but where Disney is not the developer. Moreover, it is important to note that BlackBerry is now the company name, not RIM, as unethical developers are trying to trick people who were not aware of the change.