The Avast Mobile Security team showcased secure solutions for payment, identification and mobility at the CARTES conference.
The Avast Mobile team had a couple of busy days in November – we participated at CARTES Secure Connexions 2014 and showcased some of our best mobile apps in the “Mobile payments” pavilion. In our traditional and authentic guerrilla style, we drove a truck to Paris, we built the stand ourselves (and almost got killed dismantling it the last day), and we greeted our friends and product users in person, with no external hostesses; only Avast Mobile crew members equipped with mint candies, product fliers, and an unlimited dose of enthusiasm.
You may ask yourself, what was my mobile antivirus provider doing at CARTES, a global event for the digital security industry?
Because of the experience the Inmite acquisition brought to Avast Mobile, the Avast team knows a thing or two about mobile payments security, and we believe we can bring additional value to this topic with our products.
Mobile payment security starts and ends with the customer
While there are many techniques app makers or payment institutions such as a banks use to secure their mobile applications, recent attacks show that the weakest part of the chain are end clients – in other words – you and me. Face it, most people tend to underestimate potential threats, they fall for phishing attacks or attacks by social engineering, they connect to insecure public Wi-Fi hotspots, and they know in most cases, that banks will handle possible issues they have gracefully. In many cases, banks will even refund complete financial loss in order to keep their reputation high. The value Avast can bring to the table is the fact that most of our solutions are oriented towards the end users and their devices – we help where the additional help is needed.
At CARTES, we presented three products for mobile:
This selection of products was not random. Each of the products protect people and their payments at different “stages”.
AIR BOND is our patent pending HW authentication token based on Bluetooth Low Energy. It wirelessly communicates with your smartphone or tablet and co-signs your transactions before they are sent to the server. It requires no special effort, like rewriting a numeric code or putting an NFC tag close to your iPhone (that does not support NFC this way anyway ;-). )You can use your mobile banking or payment app as long as your AIR BOND is nearby. If you lose your phone or somebody steals it, your banking is instantly safe – proximity to the AIR BOND device is required in order to execute transactions (all of them or only some of them depend on AIR BOND deployment type at each individual bank).
As more gadgets get WiFi-connected, there could be serious implications for personal and home security.
Baby monitor hijacked
A new case of a baby monitor being hijacked was reported last week in a Cincinnati, Ohio home. Fox19 news reported that the Schreck family was fast asleep when an unfamiliar voice woke up Mrs. Schreck. She grabbed her cell phone to check on the wireless IP camera used to monitor her 10-month-old daughter Emma’s room. The camera was moving, seemingly by itself. A man’s voice started screaming, ‘Wake up baby. Wake up baby.’
This incident is similar to one that occurred in August 2013 when a disturbed stranger screamed obscenities at a sleeping toddler through the baby monitor. The bugs in the Foscam camera that was used have since been discovered and updates are on the company website. Make sure you update your camera’s firmware as soon as possible.
The Internet of Things
“Smart” gadgets like IP camera video feeds are used to monitor children, property, and pets. If the camera isn’t secure, a hacker or creepy Peeping Tom can use them to spy on you and your family, watch recorded images, and even find out when the coast is clear so they can break in. Other smart gadgets like home appliances, TVs, pacemakers, cars, etc. – are vulnerable to cyber attacks. This may be a low-risk threat now, but as more gadgets get WiFi-connected, there could be serious implications for personal and home security.
Tips to secure your home cameras against digital snooping
- Secure your home wireless router. Look for a camera that supports current wireless security protocols, like WPA2.
- Use a unique password. Don’t be tempted to turn off the password requirement on your camera. If you’re not sure what a strong password looks like, read our blog about creating strong passwords.
- Use a secure WiFi connection. Your camera’s mobile app may not be encrypted, so using it on an unsecured WiFi network could give troublemakers an open door to your video feed or your password. Change the settings on your mobile device so that it doesn’t automatically connect to a public WiFi hotspot. Protect your privacy by using avast! SecureLine VPN on your Android phone or iPhone. If you don’t know what a VPN is, read our blog post explaining what a VPN can do for you.
The FTC has more tips for securing your IP camera on their site.
Thank you for using avast! Antivirus and recommending us to your friends and family. For all the latest news, fun and contest information, please follow us on Facebook, Twitter and Google+. Business owners – check out our business products.
More than one billion people nowadays use smartphones devices and this number is growing rapidly. With the growing numbers of mobile users accessing the internet on Android smartphones and tablets, and iOS iPhones and iPads, the number of mobile threats and attacks is rising progressively.
Mobile users store sensitive data, and engage in online banking operations, exposing devices to the modern mobile threads. You need constant protection. Not even these big names were immune from attack: German Chancellor Angela Merkel’s smartphone was hacked; Rovio, creator of popular game Angry Birds, reported that the personal data of its customers might have been accessed by U.S. and British spy agencies; and recent news of other leaky phone apps have caused people to look for ways to protect their private mobile communications.
Unprotected WiFi presents a real and present danger
Edward Snowden’s recently leaked documents revealed that the Canadian government’s intelligence agency, CSEC, collected data from travelers who connected to unprotected WiFi at Canadian airports. Read more…