Page 14 - AeM_Dec_2017
P. 14

BEST PRACTICES & STRATEGIES
























                            Stay alert when purchasing via

                                     smartphone and tablet


            The Christmas business is in full swing. Therefore we   applications run in distributed and potentially vulnerable
            are sounding a note of caution to all those using their   environments and are therefore particularly attractive to
            smartphone or tablet for doing their shopping.       hackers.  The  Achilles  heel  of  the  mobile  app  is  their
                                                                 binary  code,  which  opens  the  door  to  any  kind  of
            When the pre-Christmas shopping season starts at the   manipulation that compromises the integrity of the app.
            beginning of December, many retailers once again are   If the binary code is not specifically protected, attackers
            wooing  with  rewarding  online  offers.  Quite  to  the   can reverse engineer it, thus preserving sensitive data,
            delight  of  their  customers,  because  many  consumers   such as credit card or bank account information, or spy
            avoid  crowded  shops  in  the  run-up  to  Christmas  and   on or manipulate transactions that are handled through
            buy their gifts from the comfort of their own home or on   the app.
            the go - or via smartphone or tablet.
                                                                 More security for shopping apps
            Dealers have long since recognized the trend towards
            mobile commerce and are expanding their offering to   In times when mobile applications for retailers represent
            include  mobile  shopping  apps  that  gives  their   an  important  strategy  in  the  fight  for  customer  loyalty
            customers  a  convenient  and  fast  purchasing  process   and  revenue  generation,  such  cyberattacks  can  have
            via  their  smartphone.  But  the  mobile  optimization  of   fatal  consequences  -  from  financial  losses  to
            the retail industry also carries many risks, as apps are   compensation  payments  to  reputational  damage.  This
            another lucrative target for cybercriminals, giving them   makes it all the more important for companies to keep
            multiple ways to make a profit.                      an  eye  on  the  security  of  their  apps  when  setting  up
                                                                 their mobile shopping strategy.
            More  and  more  often,  hackers  manage  to  penetrate
            mobile  apps  and  tap  sensitive  personal  or  bank   Specifically,  this  means  that  mobile  applications  are
            account  data,  manipulate  purchasing  processes  or   hardened at the binary level and equipped with runtime
            steal  intellectual  property.  Because  of  the  wealth  of   application  self-protection  technologies.  Only  then  the
            sensitive  data,  shopping  applications  are  particularly   app can independently protect itself against all types of
            threatened by cyber-attacks.                         manipulation  and  reverse  engineering  -  regardless  of
                                                                 device, environment, running time or idle state. Android
            But even fake apps are becoming more of a problem in   retail  apps  with  Host  Card  Emulation  (HCE)  -based
            the industry. How real this danger is, we could find out   payment solutions should also be equipped with special
            from some Apple customers, who already got a taste   cryptographic  key  protection  technologies  to  prevent
            of it. Just in time for the start of the shopping season,   unauthorized access.
            cybercriminals managed to smuggle hundreds of fake
            shopping  apps  past  the  security  checkpoints  into  the   For  both  businesses  and  customers,  mobile  retail
            app  store.  The  counterfeit  applications  presented   applications  have  great  potential  in  digital  retail
            themselves  as  official  shopping  helpers  of  renowned   optimization.  The  difficulty,  however,  is  to  fully  exploit
            brands such as Nike or Christian Dior, but have been a   this potential and achieve real competitive advantages.
            ripsnorter. Some of the fake apps bothered customers   In  addition  to  formulating  the  tangible  benefits  and
            with embedded ads, while others targeted credit card   convenience of shopping apps, providers must first and
            information.                                         foremost strengthen customer confidence in the security
                                                                 of  apps.  Retailers  and  developers  must  spare  no
            How hackers attack
                                                                 expense  and  efforts  to  protect  their  apps  effectively
            Unlike  web-based  applications,  where  security  is   against hacker attacks and abuse, and to communicate
            largely  controlled  by  businesses,  protecting  mobile   this security openly. ◊
            apps from manipulation and reverse engineering is far                            By Daniela La Marca
            more of a challenge. This is not least because mobile
      14            December 2017 - Digital Commerce & Customer Experience
   9   10   11   12   13   14   15   16   17   18   19