Android Malware

One of the key security issues facing organizations that support Android devices is the risk of rooting malware. A number of malware families on the Android mobile OS attempt to obtain root access once installed because the elevated privileges gained come in handy to perform malicious activities. There is, however, a way to detect rooting and protect your organization and mobile application users from malicious attacks – Runtime Application Self-Protection… Read more


Protecting against the BankBot Android banking malware using RASP

Earlier this month the Dutch company Securify came across a new sample of the BankBot Android mobile banking malware. While older samples of BankBot mainly targeted Russian financial institutions, the latest sample shows that BankBot now targets European and American banks as well. More specifically BankBot now targets over 420 leading banks in countries such as Germany, France, Austria, the Netherlands, Turkey and the United States. VASCO’s Threat Research analysts… Read more


What Bob Dylan and RASP Have in Common

Ok, now that I have your attention, I’ll explain how I got here. Feel free to follow along. In early April, the creative folk icon finally made his way to Stockholm and the home of the Swedish Academy to formally accept his 2016 Nobel Prize for Literature and the 8 million Swedish krona (approximately $900,000 US) that went along with it. It happens that one of his most well known… Read more


Using Mobile as an Upselling Channel in Financial Services

We rely on our bank’s mobile app to check balances, pay bills and transfer money electronically. But mobile consumers want (and expect) to do more. The logical next step, then, is to enable consumers to conduct all of the services offered online (and at their physical branches), on their mobile devices. That’s easier said than done. Most financial institutions have developed mobile apps that don’t provide adequate mobile capabilities and access to… Read more


February 10, 2017 - David Vergara

In their third quarter 2016 earnings report, Bank of America said that 20 percent of its total sales were digital and 27 percent of those sales were over mobile devices. The bank reported that it now has over 21 million mobile customers. And similar growth is being seen across the banking industry, so there’s no doubt that the mobile channel is a strong contributor to bank growth. As the proverb says,… Read more


SMS Authentication

Banks and payment service providers sometimes rely on SMS to verify the identity of a person who wishes to make a wire transfer or confirm a payment. They send an SMS message with a one-time password (OTP) to the person’s mobile phone, and the user has to enter this OTP into the application of the bank or payment service provider. In this blog post I discuss whether SMS-based authentication will… Read more


Introducing “Smile & Sign” at Finovate Europe 2017

The ideal digital onboarding experience does away with paper and unnecessary visits to the branch. It takes into account the fact that consumers may leverage multiple digital channels during the onboarding process. With the majority of digital business transactions conducted remotely online and on mobile devices, financial services organizations are looking to offer secure yet frictionless onboarding experiences for new and existing customers alike. A growing number of consumers are… Read more


Top 5 Security Stories in 2016

2016 was another stunning year in the battle against hackers. The bad guys were more than up to the task with new attacks and an endless display of innovation that challenged even the best security strategies. Yahoo’s topped their half-billion record breach with a billion-record breach, ransomware ran amok, DDoS attacks scaled to new heights, the endpoint grabbed major attention, and the U.S. political process ended up in Russia’s crosshairs…. Read more


December 21, 2016 - Shane Stevens
This Holiday Season Beware Prying Eyes

This holiday season’s breakout gift for the younger set, Hatchimals, were scarce even on Black Friday. However, at least in their current form they’re unlikely to spy on you. The same can’t be said for this year’s in-demand, slightly older demographic equivalent, drones. As most of us are acutely aware, drones are naturally, albeit passively intrusive. Still, that doesn’t make them entirely benign and based on how much people talk… Read more


November 25, 2016 - Guest Blogger Lars Birkeland, Marketing Director of Promon
Tesla cars can be stolen by hacking the app

Our researchers have demonstrated that because of lack of security in the Tesla smartphone app, cyber criminals could take control of the company’s vehicles, to the point where they can track and locate the car in real-time, and unlock and drive the car away unhindered. Such a hack gives criminals total control of the vehicle, providing additional functionality to that exposed by Keen Security Labs in a different hack in… Read more