Category: Mobile Security

Biometric technology may be the tool the mobile payments space needs to be successful. Security has long been a problem in the digital commerce sector. When e-commerce first began growing, there were many security risks that consumers and businesses had to deal with before shopping online could be considered safe. Over the years, the digital space has become more secure, but no less dangerous, and companies continue to fall prey to the risks that exist in the online world.

E-commerce is now something that people around the world participate in on a daily basis. Consumers enjoy the convenience that shopping online represents, but it has taken years of trial and error for online retailers to get it right and keep people safe while they are shopping online. The mobile commerce space is experiencing a similar problem, but retailers have had little time to address security issues thus far. Biometric technology could be the solution that businesses are looking for when it comes to security in the mobile space.

Passwords and security phrases can be compromised with varying degrees of effort and malicious groups are beginning to target the mobile space due to its relative lack of security. While hackers can find ways to exploit a wide range of platforms and services, they cannot exploit biological information that is used to keep these platforms safe. Biometric technology can turn a fingerprint into a virtual key, giving mobile consumers a higher level of security that they have not experienced in the past.

At its core, biometric technology is quite simple. It uses biological information, such as a fingerprint or a retinal scan, to control access to a mobile device or other type of electrical system. Because this information is unique for everyone, it is difficult to exploit. Biometric technology is not perfect, of course, but it could be powerful enough to solve some of the security problems that exist in the mobile commerce space. In fact, biometric technology is one of the reasons that Apple has entered into the mobile payments field, a sector it had once considered too risky to participate in.

Many believe that there continues to be exposure to considerable weaknesses with this technology.

The results of a review that was conducted on the mobile security levels through the use of smartphones and tablets by employees of the Social Security Administration (SSA) has revealed that there are considerable weaknesses.

It has been stated that a significant reason that this problem exists is due to the lack of a cohesive policy.

This problem and speculation regarding mobile security at the SSA was identified and published in a report by the Office of the Inspector General. What the Inspector General’s office determined was that the federal agency “did not always conform with federal standards and business best practices to mitigate unauthorized access to the agency’s sensitive information.” It determined that as the use of devices such as tablets and smartphones continues to become more prevalent, this represents a vital weakness.

A serious mobile security gap can exist when many common behaviors are adopted by SSA employees.

While it is true that the use of mobile devices give SSA workers the opportunity to accomplish a great deal more, even when they are not sitting at their desks, there are certain behaviors that are considered to be quite commonplace among private device users that can leave a gaping hole in security when used on a professional level. Among them are the downloading of third party apps, as well as accessing the internet over an unsecure network. This spikes the risk of loss or theft of sensitive data.

Among the tests that were conducted on the security of the mobile device use by SSA employees was the copying of a file by the Inspector General’s office to a mobile device. Though the agency’s own standards would have required that this file encrypt itself automatically, this was not the case during the test.

Equally, among the 17 employees of the SSA that were interviewed in this review process, only half showed that they understood that for mobile security purposes, it was important that their agency-provided devices be used exclusively for official government business. Moreover, not a single one of the people who were interviewed were able to identify a policy that was specifically meant to guide them with regards to the use of these gadgets.