Intelligent CISO Issue 68 | Page 50

Singaporean consumers expect app makers to protect them from hacking, fraud and malware.
FEATURE
restrictions implemented by the manufacturer are compromised.
Prevent your app from running on jailbroken and rooted devices, including those rooted with advanced tools like Magisk. Ensure that your digital wallet data is encrypted at rest, and use advanced white-box cryptography as well as threat-aware encryption keys to encrypt the app sandbox, files, strings, resources, preferences and native libraries.
4. Weak encryption
Looking at the top five attacks on investment apps, several apps were found to be using an unencrypted SQLite database in their Android app, making them vulnerable. Unencrypted data in the application sandbox or on the SD card, in preference areas like NSUserDefaults, or on the clipboard are commonly targeted channels. Given this, data-at-rest encryption is recommended to protect data inside these areas. Hackers also target transactions, passwords and passphrases, and enforcing SSL/TLS for communications, including a minimum TLS version and cipher suites, is a good protective measure.
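As an added illustration (not code from the article), the following Python script audits a copy of an app's data directory, taken from a test device, for the unencrypted SQLite databases described above and lists the tables each one exposes without a key. The function names and the sample tree are constructed for this example, and it assumes an encrypted database file does not begin with the standard SQLite header.

```python
import os
import sqlite3
import tempfile
from contextlib import closing
from pathlib import Path

SQLITE_MAGIC = b"SQLite format 3\x00"  # 16-byte header of a plaintext SQLite file
TABLES_SQL = "SELECT name FROM sqlite_master WHERE type='table' ORDER BY name"

def is_plaintext_sqlite(path):
    """True if the file begins with the unencrypted SQLite header."""
    try:
        with open(path, "rb") as fh:
            return fh.read(16) == SQLITE_MAGIC
    except OSError:
        return False

def list_tables(path):
    """Table names readable with no key at all (database opened read-only)."""
    uri = Path(path).resolve().as_uri() + "?mode=ro"
    try:
        with closing(sqlite3.connect(uri, uri=True)) as con:
            return [row[0] for row in con.execute(TABLES_SQL)]
    except sqlite3.DatabaseError:
        return []  # header matched but the file is truncated or corrupt

def audit_tree(root):
    """Map each plaintext database under root to the tables it exposes."""
    findings = {}
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            full = os.path.join(dirpath, name)
            if is_plaintext_sqlite(full):
                findings[os.path.relpath(full, root).replace(os.sep, "/")] = list_tables(full)
    return findings

def build_sample_tree():
    """Constructed sample: a plaintext DB plus an opaque file standing in for an encrypted DB."""
    root = tempfile.mkdtemp()
    os.mkdir(os.path.join(root, "databases"))
    with closing(sqlite3.connect(os.path.join(root, "databases", "trades.db"))) as con:
        con.execute("CREATE TABLE accounts (id INTEGER PRIMARY KEY, passphrase TEXT)")
        con.execute("CREATE TABLE orders (id INTEGER PRIMARY KEY, symbol TEXT)")
        con.commit()
    Path(root, "databases", "vault.db").write_bytes(bytes(range(1, 256)) * 16)
    return root

if __name__ == "__main__":
    for db, tables in audit_tree(build_sample_tree()).items():
        print(f"UNENCRYPTED {db}: tables={tables}")
```

Any file the audit reports is readable by whoever obtains the sandbox contents, so a release build should produce an empty result.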
5. Dynamic runtime attacks and dynamic instrumentation
Modified versions of investment apps, used with emulators and simulators, or on-device malware can be used by hackers to create fake accounts, activate malicious trades and transfer cryptocurrency from one investment app to another.
In Singapore, businesses have been targeted by ransomware threats in recent years, with the number of cases growing by 54% between 2020 and 2021. To safeguard against these challenges, implementing runtime application self-protection (RASP) methods is recommended. In particular, deploying anti-tampering, anti-debugging and emulator-detecting solutions is advised. Implementing options to protect against the malicious use of ADB – for method hooking or other app-harming risks – as well as protection against dynamic instrumentation frameworks and toolkits like FRIDA should also be considered.
Do not sleep on security
Cybercriminals never sleep when it comes to developing new threats, so as a banking or FinTech app developer, staying ahead of threat actors is imperative. And investors and users of FinTech apps should remain alert and vigilant. They need to do their research and demand that the app makers do more to protect their data, their use and their financial investments.
As the investment app sector is highly competitive, best-in-class security is as critical as speed and ease of use when it comes to building apps that delight Singaporeans.