bankingciooutlook

Zimperium: Bid Adieu to Mobile Threats and Network Phishing

Chris Dworkin, GM, In-App Security, ZimperiumChris Dworkin, GM, In-App Security
Moving away from big, brick-like cellular phones to super-slim smartphones, mobile technology has unarguably come a long way. Along with this advancement has come ubiquitous internet connectivity, and as a result, considerable security risks. Phones are packed with apps containing sensitive information–banking apps, travel apps, gaming apps, tap and pay apps, and more. Yet this valuable information essentially has no lock protecting it and is at considerable risk of attack. Existing security solutions lack features to provide the visibility needed to guard mobile devices against these risks and increasingly dynamic threats. This is where Zimperium, a US-based mobile security firm steps in, offering real-time, on-device protection against both known and unknown Android and iOS threats.

At its core, Zimperium’s Mobile Threat Defense (MTD) technology provides continuous, on-device monitoring and analysis capabilities that detect mobile cyber-attacks. Leveraging its machine learning based detection engine, z9, it protects against device compromises, network attacks, phishing attempts and malicious apps. Besides, running efficiently on smartphones and tablets, the z9 engine monitors the mobile device for malicious behavior. Serving as an early warning threat detection system, z9 doesn’t rely on external IDs or malware signatures to deliver protection. This makes it immune to evasion techniques such as virtual machine spoofing, polymorphic malware, and more. By, putting the power of network intrusion prevention appliances (IPS) into the mobile device, z9 transforms the device from a risk to an advantage. z9 has detected “100 percent of zero-day mobile exploits without requiring an update or suffering from the delays and limitations of cloud-based detection,” says Chris Dworkin, GM, In-App Security, Zimperium.

In order to provide a comprehensive mobile security solution, Zimperium offers a suite of products.
To begin with, Zimperium’s zIPS, a mobile intrusion prevention app that runs on the device and managed from any cloud data structure, monitors the entire mobile device and protects against the mobile network, device, phishing and application cyber-attacks. In addition, Zimperium’s zIAP (In-App Protection) SDK ensures the mobile application on the devices is protected from malicious attacks. And rounding out the solution, Zimperium’s z3A (Advanced App Analysis) provides deep application intelligence, including contextual analysis, privacy, and security ratings. “It takes less than 15 minutes to embed our enterprise-grade mobile security SDK, zIAP, into a mobile application. This includes registering, downloading and updating. We offer a free basic version and an advanced Pro version,” says Dworkin. The locally running app, with zIAP embedded, doesn’t require signatures, a cloud-based sandbox, or even an Internet connection; enterprises remain protected and have the ability to take appropriate actions, in app, as required. Moreover, the firm invests in ‘a customer success team,’ to provide support at all times, assisting enterprises–from integration to testing to deployment–thereby, providing best practices and policies along the way.

The goal of the firm is to provide mobile device security insight and intelligence. “We provide visibility to the enterprise for anyone using our mobile security solutions,” adds Dworkin. Citing an example, Dworkin mentions a US-based bank that wanted to reduce the amount of online fraud they were experiencing. They had their mobile banking application deployed on over 25 million devices but little visibility into the risk. The bank embedded Zimperium’s zIAP SDK technology into their consumer banking applications and in the first 30 days, saw 900,000 threats. In those threats were 26,000 actual attacks with 2000 malicious apps and over 3000 network-based attacks. The bank is working closely with Zimperium to reduce fraud in their environment.

In recognition of delivering an industry leading mobile security solution, Zimperium has been awarded the 2018 Cybersecurity Excellence Awards for the Best Mobile Security Product in addition to other awards and accolades. This is reinforced through the business success where the company has seen a 300 percent increase in enterprise bookings and a 95 percent plus renewal rate. Zimperium has also signed an OEM partnership with a market-leading endpoint security vendor and a multi-year partnership with a major US city to offer mobile security to all residents.

Zimperium is often used as part of an overall end-point compliance program and specifically provides solutions for the very stringent requirements of GDPR and PSD2.