Raiffeisen Italy is the umbrella organization for 40 entities of Raiffeisen Bank in the Italian province of South Tyrol. Overseeing the IT services for these member banks, Raiffeisen Information System CIO Alexander Kiesswetter modernized Raiffeisen Italy’s authentication system to comply with the revised Payment Services Directive (PSD2). As part of that initiative, Raiffeisen Italy introduced a standalone mobile app that… Read more


Fornite on Mobile

CEO Tim Sweeny of Epic Games, the publisher of the wildly popular Fortnite game, is on a mission to “advance the openness of all platforms” – not to mention side-step Google’s 30% take of developer proceeds – by distributing Fortnite for the Android platform via their website rather than the Google Play store. I applaud a maverick challenging the status… Read more


August 14, 2018 - Frederik Mennes
overlay attacks

The growth of mobile technology and the increased importance of cybersecurity have dominated news cycles in the past year. At the same time, one of the biggest threats we’re seeing against mobile are overlay attacks – combining social engineering with inherent security weaknesses found in mobile apps, these attacks take advantage of users to trick them into sharing sensitive data…. Read more


PSD2: Creating a Secure Execution Environment for Mobile Banking Apps

The revised Payment Services Directive, also known as PSD2, pays a lot of attention to the security of mobile banking apps, mobile payment apps, mobile wallets, and other apps that offer payment functionality. The most important requirements related to mobile app security are present in Article 9 of the final Regulatory Technical Standards (RTS) on Strong Customer Authentication (SCA) and… Read more


Mobile App Shielding

We regularly host webcasts on topics such as mobile app shielding, fraud, authentication, RASP and risk analysis to provide guidance on how to protect your customers and data. If you missed our latest webcast, Delivering Trust Through Mobile App Shielding and Hardening, here is the 5-minute summary. The full presentation is available on-demand. As mobile devices and apps proliferate, organizations are increasingly… Read more


At DeveloperWeek 2018 in San Francisco, I had a provocative question for mobile app developers: “Is mobile app security important to you, and if so, what are you doing about it?” The majority of developers I spoke with at the event agreed that security is important. However, when pressed for more detail, many could not describe the specific measures taken… Read more


ENISA Report

A recently published study from ENISA — the European Union Agency for Network and Information Security which advises member states and private sector organizations in implementing EU legislation, provides guidelines on how to take the appropriate measures to comply with the General Data Protection Regulation (GDPR). ENISA’s recommendation includes two-factor authentication and mobile application security as technical measures in high-risk… Read more


Android Malware

One of the key security issues facing organizations that support Android devices is the risk of rooting malware. A number of malware families on the Android mobile OS attempt to obtain root access once installed because the elevated privileges gained come in handy to perform malicious activities. There is, however, a way to detect rooting and protect your organization and… Read more


July 6, 2017 - Guest Blogger Lars Birkeland, Marketing Director of Promon
PSD2 Creates Opportunities for Payment Providers but also Vulnerabilities to Mobile Users

Customers of the British retail bank Tesco Bank awoke in early 2017 to find their bank accounts drained of funds. The recent Tesco Bank hack has left the retail banking world reeling, searching for answers and more effective ways to secure themselves against future attacks. It has been revealed weaknesses in the bank’s mobile applications left the door open for cybercriminals to brute… Read more


Protecting against the BankBot Android banking malware using RASP

Earlier this month the Dutch company Securify came across a new sample of the BankBot Android mobile banking malware. While older samples of BankBot mainly targeted Russian financial institutions, the latest sample shows that BankBot now targets European and American banks as well. More specifically BankBot now targets over 420 leading banks in countries such as Germany, France, Austria, the… Read more