SOURCE: Arxan Technologies

Arxan Technologies

October 22, 2012 08:00 ET

Arxan Technologies to Speak on Innovations in Mobile Security for the Financial Services Industry at the FS-ISAC Fall Summit

Company to Address Key Emerging Threats and Innovative Mobile Application Security Solutions to Protect Financial Services Apps in Today's Global App Economy

BETHESDA, MD--(Marketwire - Oct 22, 2012) - Arxan Technologies, a leading provider of software security solutions that protects the global App Economy, will participate in a panel session entitled "Innovations in Mobile Security" at the Financial Services - Information Sharing and Analysis Center (FS-ISAC) Fall Summit.

The session takes place on Oct. 23 at 3 p.m. at the Lansdowne Resort in Leesburg, Va.

Vince Arneja, vice president of product management, Arxan Technologies, will participate in the panel session which will examine the need for creative solutions to manage risk as business services continue to evolve and increasingly leverage mobile technology. Technology developments and trends with layered security, application protection and data protection will be discussed by the panelists, moderated by Joseph Hammer, managing director, Morgan Stanley.

"Many of our financial institution customers are embracing a layered security approach by integrating various forms of security measures directly inside their mobile apps to protect against hackers and other threats," said Arneja. "This panel discussion will provide leaders in the financial services community with expert insight on the security threat landscape and key advancements in mobile app security technology."

Recently, Kristen Moyer, research director in Industry Advisory Services/Banking and Investment Services at Gartner, observed that "the banking industry is in crisis, and transformation is needed -- transformation which their current application portfolios prevent. They need to look at new models based on APIs (application programming interface) and apps in order to engage customers and respond quickly to new opportunities."1

As the financial industry continues its transformation via the emergence of new mobile services, such as mobile peer-to-peer transactions, remote deposit, balance transfers and payment, the underlying consumer-facing or internal software applications, for Android, iOS, Windows Phone and other operating systems that reside in or communicate with mobile devices, are subject to a new array of attacks.

Security is a critical component for both mobile banking and payment applications that are required not only at the network and device level, but also at the application layer to thwart application attacks, such as tampering, reverse-engineering, and can lead to theft and fraud. For example, if an attacker can break into a banking app, compromise its integrity via disarming various layers of the security framework such as jailbreak/root detection and authentication, and steal sensitive user credentials, then he can commit financial fraud using the stolen information. He can also inflict other damage that would ultimately harm the users or financial institutions involved.

The compromise of mobile app integrity presents a serious risk where hackers or malware have gained physical access to the application binaries, then pry open their internals, disable or tamper with the security controls, and extract sensitive information from the binaries or while the applications are running. This is a problem that traditional source-level code fixes of programming flaws cannot address. Even if an application contains no programming flaws, the binary code, no matter how unreadable to human eyes, can be tampered with and is reversible and modifiable via many readily available reverse-engineering and hacking tools.

Hackers can crack popular apps, inject malware, and redistribute them without original app owners or users ever knowing this took place. A 2012 North Carolina State University research paper which examined Android malware samples found that "86 percent of are repackaged versions of legitimate applications."2

Arxan's proven security for mobile, embedded, desktop and server computing environments protect financial services software with best of breed anti-tamper and anti-reverse engineering technology. The company's multi-layered and multi-platform protection consists of a variety of security technologies, including passive and active defenses such as: obfuscation, anti-debug, repair, self-healing and anti-tamper to ensure durability, resiliency and performance in the field.

1 "Interview: Banks must focus on APIs and apps, not applications - Gartner analyst," siliconrepublic.com, Oct. 11, 2012

2 Yajin Zhou, Xuxian Jiang, "Dissecting Android Malware: Characterization and Evolution," Proceedings of the 33rd IEEE Symposium on Security and Privacy (Oakland 2012), San Francisco, CA, May 2012

ABOUT ARXAN TECHNOLOGIES:
Arxan Technologies Inc. is the industry leader of application protection solutions that protect the App Economy. Arxan secures mobile, desktop, server and embedded applications against tampering and reverse-engineering attacks and is an integral part of end-to-end application security. Our security defends against tampering, unauthorized use, insertion of exploits, piracy, and theft of intellectual property for global leaders in markets such as Fortune 500 enterprises, financial services, ISVs, gaming and digital media to proactively defend the integrity of their code and business models. Arxan's proven, scalable and durable application protection solutions defend, detect, alert and react to application attacks through a threat-based, customizable approach. Arxan Technologies is headquartered in the United States with global offices in EMEA and APAC. For more information, please visit www.arxan.com.

Follow us @Arxan or http://www.linkedin.com/company/arxan-technologies

Arxan: Protecting the App Economy™. Share your thoughts on application protection using hashtag #protectyourapps

Contact Information