Category: Mobile Security

Mobile security threats may not be as serious in the mobile payments space as they seem

Security has become a major concern in the mobile commerce space, but security firm Kaspersky Labs suggest that security may not be as big of a problem as some would claim. The firm notes that there has been a significant increase in the prevalence of mobile malware, especially in the banking sector. The security issues that exist in the mobile payments space, however, are still “fairly minimal,” suggesting that mobile commerce may be a much safer space than some believe it to be.

Mobile payments are not exposed to the same security threats as the banking sector

Kaspersky Labs notes that consumers participating in mobile commerce are not experiencing the same risks as those that are on traditional devices, such as laptops or desktop computers. This has to do with the relative youth of the mobile commerce sector. Because this sector is still in a state of infancy, malicious software has not yet had an opportunity to thrive therein. By comparison, the banking sector is quite old and has been involved in the technology space for several years now and this time has allowed malicious groups to focus their efforts on certain vulnerable areas.

New trends are emerging that could compromise mobile security

While mobile payments may not be exposed to serious risks, there are still dangerous trends emerging in this space. Phishing Trojans are becoming more common in the mobile space. These malicious programs are designed to obtain the personal information of their targets, gaining access to bank accounts and exploiting other financial information. Such programs are likely to become more common and more sophisticated as the mobile commerce space matures.

Consumers can take steps to protect themselves and their important information

Consumers can keep themselves and their information safe through a variety of measures. Using anti-virus applications from reputable organizations, such as Kaspersky Labs, can help people protect themselves from malware. The increasing prevalence of biometric technology may also introduce more security to the mobile commerce space. This technology leverages biological information, such as a fingerprint, to protect a mobile device.

A new filing has been spotted that could bring the data from Touch ID to other devices via the cloud.

The US Patent and Trademark Office published a patent filing from Apple that could have to do with part of its mobile security feature that collects fingerprints in order to unlock devices and conduct other functions through certain iPhone models.

The filing was called “Finger biometric sensor data synchronization via a cloud computing device and related methods”.

The patent described a method of recording an individual’s fingerprints by way of the Touch ID mobile security sensor from Apple, so this information could then be uploaded to the cloud and synced with other Apple devices. The sensor necessary for Touch ID has been built into Apple technology in its smartphones since the iPhone 5S, and in the iPads that have been released since that time in 2013. The sensor allows a device owner to use his or her fingerprints in order to access the device. However, more recently, it also became an identity verification feature when making purchases through the new mobile wallet system, Apple Pay.

This potential change to the mobile security feature is meant to help to make the system more convenient.

Apple described in the patent filing that enrollment into Touch ID could potentially be “cumbersome for users in some instances, such as when multiple fingerprints, users and/or devices are used.” By synchronizing the process using a cloud based function, it would help to eliminate the need to re-register a device owner’s fingerprints on every device, in addition to the fingerprints of all of the other people who are to be given permission to access the iOS gadget.

At the time of the writing of this article, the Touch ID security page at Apple explained that “iOS and other apps never access your fingerprint data, it’s never stored on Apple servers, and it’s never backed up to iCloud or anywhere else.”

If that mobile security policy is to remain the same, it makes one wonder how this potential cloud synchronization technology could possible work, and how it could be safely applied in order to protect the data from the Touch ID feature.