Almost all of the bank’s transactions are conducted via its mobile application. The app is the most important asset the bank has; there are no physical branches for customers to visit.
That means robust security is a must if the bank wants to maintain customer trust and keep its hard-earned reputation.
The four key goals that the bank highlighted from the outset reflect the challenging and ever-evolving nature of threats facing mobile banking apps:
The need to prevent Account Takeovers (ATO):
Attackers were using stolen or phished credentials to access victims’ accounts from a different device. This was leading to financial losses for victims and the threat of reputational damage for a bank that prides itself on taking security seriously.
Addressing mobile banking fraud:
Bad actors were circumventing the ID verification process, which was allowing them to to open accounts fraudulently and take out loans or apply for credit. The bank was losing large quantities of money and was spending valuable time and resources dealing with the fallout of fraud.
The need to combat malware and phishing:
The bank was struggling to protect its app from increasingly sophisticated forms of malware, banking trojans, and remote access tools (RATs). Attackers were also using AI-powered social engineering techniques to steal login details and banking credentials from users.
Keeping on top of how attacks are evolving:
The evolving nature of mobile threats convinced the bank that they needed a reliable threat and device intelligence solution. They wanted to be able to analyze the types of attacks their application was up against and to take action when threats were detected.
Attackers were finding new ways to bypass our traditional defenses, so it was clear that we needed to adopt a more advanced, holistic approach to app security.
Mobile Security Product Owner
The digital bank implemented two Licel products - DexProtector and Alice Threat Intelligence – across its Android and iOS applications to strengthen the integrity of the mobile channel.
A post-build protection tool, DexProtector is deployed fully on-premises and offline, and is easily integrated into the mobile application build process.
It comprehensively secures the app through obfuscation, encryption, and Runtime Application Self-Protection (RASP), automatically integrating a range of runtime components to prevent and mitigate reverse engineering, tampering, data theft, and fraud.
Alice enables banks to increase observability over usage of their mobile apps, to identify malware, compromised devices, and suspicious activity, and to assess risk factors for each user session in real-time and retrospectively.
Its tamperproofed malware detection and device intelligence components help not only to secure your apps today, but also help to fortify them against the threats to come.
Licel’s Device Intelligence solutions empower banks to identify login attempts from unrecognised or potentially untrustworthy devices. By building up a complex picture of device characteristics, Device Intelligence goes beyond a simplistic identifier or fingerprint, enhancing resistance to spoofing and enabling banks to spot requests from devices that don't match the user's established profile.
Solution implementation example:
An attacker obtains a user’s credentials via a phishing attack and attempts to access the account from an unrecognized device. The bank queries the Alice API to retrieve Device Intelligence data for the current session and evaluate the risk profile. This profile encompasses a multitude of factors, enabling the system to assess the device's risk level comprehensively.
Outcome: The bank successfully prevents the Account Takeover attempt.
Licel solutions identify suspicious devices, stop deepfakes and image-injection based spoofing, and prevent fraudsters from using outdated, insecure, or tampered-with versions of the bank’s application. They also encrypt data stored on the device, and ensure eKYC checks take place in a secure environment.
Solution implementation example:
An attacker uses a virtual camera app in an attempt to spoof the app’s biometric verification process. DexProtector’s RASP engine and the Anti-Malware module detect the use of a spoofing app and prevent attackers from bypassing the bank’s eKYC processes.
Outcome: The fraudulent attempt is detected and stopped, which means financial losses and the resource drain associated with fraud resolution are avoided.
Licel’s Anti-Malware module provides apps with integrated malware and Potentially Harmful App detection capabilities. It checks for known malware signatures, as well as heuristic checks which flag indicators of potential interference by malware or PHAs.
The UI Protection Module prevents screen capture, protects IP, and reduces the threat of remote access fraud.
Solution implementation example:
Malware lying dormant on a victim’s device attempts to access sensitive app data once the mobile banking application is opened.
Licel’s Anti-Malware module detects and reports the presence of the malware, enabling the bank to restrict activity and block transactions.
Outcome: The malware is unable to extract sensitive information from the application.
Alice is fundamental to Licel's Anti-Malware and Device Intelligence solutions, with critical data accessible via the Alice Enterprise API to feed risk assessments in real-time and retrospectively.
Solution implementation example:
Alice constantly monitors real-time threat data and updates the app’s defenses against emerging attack vectors. It also provides insights to the bank about suspicious patterns, such as multiple login attempts from different locations.
The bank’s analysts are able to retrieve all incidents from Alice from the previous day, such as cases filtered by User ID (or Session ID). This means they can analyze transactions and enrich the fraud monitoring system they already have in place.
Outcome: The bank stays one step ahead of attackers, with a continuously-evolving security strategy that easily adapts to combat new threats.
Licel solutions have had a big impact on our security posture. They’ve prevented cloning, runtime attacks, tampering, and reverse engineering. And we can now detect rooting, jailbreaking, and emulators more effectively.
Mobile Security Product Owner
“We had root and jailbreak detection before we partnered with Licel, but they were quite basic and often bypassed easily. It was clear that we needed more sophisticated protection mechanisms and reinforced anti-tampering.”
“After partnering with Licel, our apps were protected against cloning and runtime attacks (particularly those using Frida). DexProtector has also stopped injections via Android cloud emulators. Ultimately, Licel solutions allow us to carry out more granular analysis and give us much more confidence when it comes to detecting and mitigating threats in our applications’ environments.”
“In the past, fraudsters were using outdated and tampered versions of the app to abuse our APIs. They would often send API calls to our backend, uploading photos or videos to fool our eKYC checks. So, we needed stronger ways to verify that requests were coming from legitimate app versions.”
“Licel’s Device Intelligence module and other protection mechanisms enable us to more confidently verify that a user is accessing the app from their associated device. And DexProtector’s ability to encrypt sensitive parts of the code means we can secure the request signing key.”
“Partnering with Licel has provided us with lots of valuable threat and device intelligence data and insights that have vastly improved our overall security posture.”
“The upshot of this is a significant reduction in the number of successful eKYC fraud attempts and Account Takeovers, and much better knowledge about the evolving threat of malware. This gives us peace of mind that our applications are as secure as they can be right now, but also reassures us that they will be well placed to continue to protect themselves against attacks in the future.”
“We had a negative experience with a previous supplier, and as a result we feared that it might be quite a lengthy and arduous process to implement Licel’s solutions.”
“Thankfully these fears were not realized. We were able to set up DexProtector on both iOS and Android - with all the protection mechanisms we required - in around one month. Updates are communicated clearly, and the Licel team is always available to help with evolving security challenges we’re looking to solve.”
If so, find out how Licel’s mobile banking app security solutions can help.
