Century Longmai – Digital Security Logo Century Longmai – Digital Security Retina Logo Century Longmai – Digital Security Sticky Logo Century Longmai – Digital Security Sticky Logo Retina
  • PRODUCTSLongmai product portfolio
    • mToken PKI Authentication
      • mToken CryptoID-FIPS Token
      • mToken K1-HID Token
      • mToken K2-CCID Token
      • mToken K3-Auto Plug & Play Token
      • mToken K5-Mobile PKI Token
      • mToken K9-Bio Token
      • mToken UKey
      • mToken TF-Smart Card MicroSD
    • mLock Software Protection
      • mLock X1-Smart STD
      • mLock X3–Smart Code
      • mLock X5-Supporting Linux OS
      • mLock Smart UDisk
      • mLock Time
    • mOTP Authentication Token
      • mOTP m100
      • mOTP m200
      • mOTP m300
    • meDocs e-Document Management
      • meDocs-M
      • meDocs-P
    • mCard Smart Card
      • mCard CPK
      • mCard JavaCard
    • mReader Smart Card Reader
      • mReader W100
    • mFIDO FIDO Authentication
      • mFIDO U2
      • mFIDO U4
    • mNFC NFC Readers
      • mNFC N100
      • mNFC N200
  • SOLUTIONS & SERVICES
    • Identity & Access
      • Access Control
      • License Control
      • mCard CPK solution
      • Online IA
    • Government
      • eDocument Security
      • eHealthCare
      • Online Gaming Security
      • Wireless Digital Signature
    • Financial
      • eBanking
      • eCommerce
      • Mobile Payment
    • Personal e-Document Security
    • ODM/OEM Services
  • ABOUT US
    • Who We Are
    • What We Do
    • Who We Work With
    • Contact Info
    • Corporate Program
    • Jobs/Careers
    • FAQs
    • Press Release
    • Technologies
      • Bluetooth LE
      • BYOD
      • Cryptography
      • Glossary Terms
      • mCard Java Card
      • Internet of Things
      • One Time Password
      • Other Technologies
  • PRODUCTSLongmai product portfolio
    • mToken PKI Authentication
      • mToken CryptoID-FIPS Token
      • mToken K1-HID Token
      • mToken K2-CCID Token
      • mToken K3-Auto Plug & Play Token
      • mToken K5-Mobile PKI Token
      • mToken K9-Bio Token
      • mToken UKey
      • mToken TF-Smart Card MicroSD
    • mLock Software Protection
      • mLock X1-Smart STD
      • mLock X3–Smart Code
      • mLock X5-Supporting Linux OS
      • mLock Smart UDisk
      • mLock Time
    • mOTP Authentication Token
      • mOTP m100
      • mOTP m200
      • mOTP m300
    • meDocs e-Document Management
      • meDocs-M
      • meDocs-P
    • mCard Smart Card
      • mCard CPK
      • mCard JavaCard
    • mReader Smart Card Reader
      • mReader W100
    • mFIDO FIDO Authentication
      • mFIDO U2
      • mFIDO U4
    • mNFC NFC Readers
      • mNFC N100
      • mNFC N200
  • SOLUTIONS & SERVICES
    • Identity & Access
      • Access Control
      • License Control
      • mCard CPK solution
      • Online IA
    • Government
      • eDocument Security
      • eHealthCare
      • Online Gaming Security
      • Wireless Digital Signature
    • Financial
      • eBanking
      • eCommerce
      • Mobile Payment
    • Personal e-Document Security
    • ODM/OEM Services
  • ABOUT US
    • Who We Are
    • What We Do
    • Who We Work With
    • Contact Info
    • Corporate Program
    • Jobs/Careers
    • FAQs
    • Press Release
    • Technologies
      • Bluetooth LE
      • BYOD
      • Cryptography
      • Glossary Terms
      • mCard Java Card
      • Internet of Things
      • One Time Password
      • Other Technologies

The dawn of Mobile application Security Threats

Today consumers want to use more than ever mobile applications for everything from banking to travelling to shopping. In this context of ever growing cyber-attacks and increasingly connected mobile, social media and cloud services, enterprises IT security must evolve security programs to adapt to these new forces.

If not you, Who? If not If not now, When? If not here, Where?

These devices and applications know where we are, who we were there with, and when we are doing what! We also use them to make phone calls, take pictures, and even video conferencing. To hackers, access to this information can be very valuable.

Industry Figures:  apps & mobile devices

Mobile_devicesToday, employees want access to all their apps from any mobile device, including their own personal devices. Modern mobile apps have expanded beyond conventional tools and use cases such as mobile email, calendar and contact management.

Gartner, Inc predicts/suggests:

  • Through 2015, more than 75% of mobile applications will fail basic security tests.
  • By 2017, the focus of endpoint breaches will shift to tablets and smartphones.
  • Through 2018, a variety of devices, user contexts, and interaction paradigms will make “everything everywhere” strategies unachievable.

The following insights are extracted from “Internet of Things Study 2015, Volume I by Evans Data Corporation”:

  • 79% of IoT app developers spend at least 25% of their time with analytics or databases, and 42% work on Big Data or advanced analytics projects.
  • 55% of IoT developers primarily connect devices through the Cloud, with 32% connecting through a hub or middle tier.

Mobile Security: a key challenge in Information Security

More employees than ever are demanding access to applications and data that help them achieve maximum productivity outside the office; moreover mobile devices like smartphones and tablets offer new mobility and flexibility for people and IT. But the escalating reliance upon mobile computing has introduced many new security risks hence satisfying mobility requirements is becoming more challenging. For instance, allowing users to access all their apps and data from untrusted devices and unpredictable locations raises significant security concerns and also pose new challenges for information security and privacy.

In most case, to do significant damage in the mobile world, malware would need to act on devices that have been altered at an administrative level. End-users practices like ‘jailbreaking’ for iOS or ‘rooting’ for Android devices escalate the user’s privileges on the device, effectively turning a user into an administrator allowing users to access certain device resources that are normally inaccessible ( in most cases performed deliberately by users), but they also put data in danger. This is because they remove app-specific protections and the safe ‘sandbox’ provided by the operating system allowing malware to be easily downloaded to the device and being open to all sorts of malicious actions, including extraction of enterprise data. The ‘Rooted’ or ‘jailbroken’ mobile devices also become prone to brute force attacks on passcodes.

Apps trend: Security and the evolving business risks

Mobile applications are changing the way business is done today, offering instant access to services for end-users. As enterprise employees download from app stores and use mobile applications that can access enterprise assets or perform business functions, IT security must evolve security programs to adapt to new forces like cloud, mobile communications and social media. This is because these applications are exposed to attacks and violations of enterprise security policies.

Defending against possible attacks from mobile platforms

Enterprises that embrace mobile computing and bring your own device (BYOD) strategies are vulnerable to security breaches unless they adopt methods and technologies for mobile application security testing and risk assurance.

Most enterprises are inexperienced in mobile application security, even when application security testing is undertaken; it is often done casually by developers who are mostly concerned with the functionality of applications, not their security. Attackers are taking advantage of this and the many complexities created by the mobile ecosystem to exploit vulnerabilities, resulting in sophisticated fraud schemes and theft of sensitive data.

In this article we argue that the best defense mechanism for mobile security is to keep mobile devices fixed in a safe configuration and follow a mobile device management (MDM) policy or an enterprise mobility management baseline for all mobile devices. Meanwhile, IT security leaders also need to use network access control methods to deny enterprise connections for devices that exhibit potentially suspicious activity and deploy strong identity authentication mechanisms to prevent possible attacks on the core network infrastructure.

LONGMAI Mobile Security Approach

Today, a majority of companies are concerned about loss of and unauthorized access to corporate data; therefore use of encryption is mandatory as risk control measure for mobile devices. LONGMAI leverages its deep understanding of authentication and mobile technology to deliver trusted and proven solutions while addressing customers’ need for mobility.

LONGMAI mToken ecosystem of cryptographic modules support PKI certificate storage used for mobile-based identity and data management (incl. signing/encrypting of email, PDF documents, MS office files, and software applications, as well as VPN and web-based SSL).

The portfolio consists of cryptographic modules meeting industry compliance requirements to ensure secure network authentication, communication encryption and protect sensitive information both on the network and in wireless terminals.

Explorer our solutions

  1. Mobile:  LONGMAI Smart Card microSD is a driverless mass storage PKI carrier with in-built high performance smart-card chip based on SD/TF card interfaces and the SD/IO protocol to communicate with the host device – mainly focused on mobile terminal PKI application to deliver flexible secure storage functionality based on technology. This portable and easy-to-use solution ensures security by encryption of documents and application data, independent of any operating system or device.
  2. Wireless:  LONGMAI mToken Bluetooth LE Wireless Token solution for mobile balances the need for stronger mobile security with user demands for convenience. It natively integrates Bluetooth LE communication and 2FA with electronic signing into mobile applications using standard high level encryption algorithms. Through our robust library of APIs, developers can extend and strengthen security for all standard and custom applications to deliver unprecedented convenience to end-users. More Info.

Top-5 Benefits of LONGMAI Mobile Security

  • Innovative and secure exchange and storage of sensitive data with strong 2FA/MFA solutions adopting 32-bit smart card chip technology,
  • Offers high usability and scalability with diverse portfolio of authentication devices that can leverage existing infrastructure,
  • Cost-effective,
  • Support for multiple mobile terminals and desktop OS platforms, thus convenient in situations that require secure authentication even when smart card readers are not available,
  • Highly customizable to enable re-marketing.

Get Started Today

If you are interested in knowing more about deploying secure and convenient technologies or need more information about related pki multi-factor solutions, click download to access the full White Paper.

You can speak to Longmai sales representatives about becoming our registered  partner (contact with us to know about the benefits of becoming Longmai partner) or inquire about our products and solutions and services such as:

  • E-Government & Enterprise digital signature solutions
  • Software License Protection
  • Electronic Document Leakage Prevention(DLP)
  • Wireless PKI and Mobile data security
  • E-Banking & E-Commerce security
  • Network Identity Authentication security
  • Product customization and OEM Service
  • White Paper: Bluetooth Low Energy in Wireless PKI deployments

 

About CENTURY LONGMAI

Established in 2003, Century LONGMAI Technology Co., Ltd is one of the most leading digital security device vendors in China with extended experience in developing latest generation of digital security solutions and products for secure information access and transmission across multiple media. LONGMAI solutions and products are dedicated to help customers and their end-users build safe, efficient and sustainable networks and are widely used by mobile network operators, financial institutions, Governments, Retailers, Transport authorities, software developers and system integrators.

 

For more information visit, https://longmai.net, or follow us on @LongmaiInfoSec on Twitter and +Lm-infosec on Google+

Like this:

Like Loading...

Related

Share This Story, Choose Your Platform!

FacebookTwitterLinkedinGoogleplusEmail

Related Posts

  • We’re Exhibiting at GISEC Global 2025!

    April 28th, 2025 | 0 Comments
  • Longmai Technology be the first to start mToken FIPS 140-3 high security certification

    February 18th, 2024 | 3 Comments
  • Versasec Announces Support for Longmai mTokens

    June 23rd, 2018
Copyright © 2013 - Century Longmai. All Rights Reserved Privacy Terms | 中文网站
 

Loading Comments...
 

    %d