Mobile Security Suite Features
Proactively protect your Android and iOS apps against attacks even in untrusted, potentially hostile environments, such as compromised devices and public Wi-Fi networks, with mobile app shielding from OneSpan. Detect and mitigate the latest malware attacks, impede reverse-engineering, defend sensitive data against tampering, and stop app spoofing and cloning vulnerabilities with an invisible, always-on layer of state-of-the-art mobile app security.
Rooting or jailbreaking iPhone and Android devices deactivates key operating system safeguards and can put a mobile app at increased risk from mobile malware and other malicious apps. Detecting the operation of your app on such a device can allow you to monitor this risk factor and use it in making decisions on back-end fraud management and authentication systems.
Secure Communication Channel
Enforce the highest mobile app security for communications between the server and mobile device with end-to-end encryption. Add an additional layer of protection by independently encrypting data on the server side for decryption on the mobile device.
Strengthen the security of data stored on the device with additional encryption and dynamic masking of the data storage method beyond what is provided by the platform. This additional security also safeguards the stored data should the Trusted Execution Environment, Secure Element, or Secure Enclave be compromised.
Counter attacker attempts to dismantle mobile app security by extracting an app’s encryption keys. Whitebox cryptography uses advanced encryption and obfuscation to keep keys hidden in the source code even during runtime so that an attacker cannot recover them and you can have peace of mind.
Enable and maintain a secure bond between a given mobile device and an authorized user to mitigate account takeover, stop the repurposing of cryptographic keys, and prevent app cloning as required by PSD2.
Integrate continuous mobile authentication for account access and transactions. In real time, monitor and score the way users interact with their mobile devices via keystroke and gesture dynamics. Recorded over time, these actions are mapped to the returning user to generate a risk score to step up authentication when needed.
Utilize the built-in device biometrics and additional biometric authentication options available through our partners.
Implement OneSpan’s patented visual transaction signing solution in your mobile app to combat phishing, social engineering, and other fraud. Cronto allows users to verify and sign transactions from their smartphone or other device anywhere at any time without the need for a wireless or physical connection.
Identify a mobile device via unique attributes to provide persistent identification that’s unaffected by mobile OS updates and defeat malicious attempts to spoof the mobile device.
Device Trust Allocation
Broad data is collected from the device, the application, the device’s health, and the behavior of the user. The data is securely stored and transferred to the server side, where it is analyzed in real time by a decision engine. The risk level of the device is assessed with every new user action on the device.
Deliver a passwordless mobile experience by integrating open, scalable, and interoperable PIN, push, and biometric authentication that complies with the FIDO Universal Authentication Framework (UAF) standard. Users authenticate locally to their device, removing the need for a “shared secret” stored on the server and eliminating the server-side attack vector.
Pinpoint and timestamp a mobile device’s longitude and latitude within meters to determine the trustworthiness of a mobile device and feed risk analytics and risk management solutions with contextual data.
Gather numerous data points about a device, its user, and the apps residing on it. Allow real-time analysis to score the risk of a transaction based on the available data points and dynamically change authentication depending on the risk level.
Transaction Signing with WYSIWYS
Fully integrate transaction signing to prevent social engineering, banking Trojans, and Man-in-the-Middle attacks while balancing user convenience and strong security for even the most sensitive mobile transactions. The payer is made aware of the amount and the payee.
Enable “push to log-in” use cases for online banking and send cross-platform notifications with a single server-side function to securely alert users, send authentication codes, and more from the server to the mobile device.
QR Code Support
Leverage a flexible image scanning feature that reads standard QR Codes for enrollment and other use cases.
Whitebox cryptography uses advanced encryption and obfuscation to keep keys hidden in the source code even during runtime, so an attacker cannot recover them.
Mobile Data Collector
This SDK is designed to collect mobile data on the client side that can then be used for risk-based decisions.
The Orchestration SDK provides facilities to orchestrate the mobile application and authenticate users smartly and securely after a risk evaluation is performed on the server side.