Cryptomathic innovates in mobile security by extending its MASC solution with an Insights Service Reaction Engine
Guillaume Forget : 10. December 2024
Cryptomathic is thrilled to announce a significant enhancement to our Mobile App Security Solution (MASC) offering: the Insights Service. The Insights Service integrates a brand new and highly performant reaction engine, designed to deliver efficient Runtime Application Self-Protection (RASP) for risk-sensitive mobile applications.
Addressing the Expanding Threat Landscape
Banks and issuers of risk-sensitive apps, such as wallet providers (crypto wallets and identity wallets), face a vast array of threats. The attack surface is extensive, including reverse engineering, emulators, malware and spyware, man-in-the-middle attacks, RAM memory dumps, and more.
These threats pose significant risks, including transaction fraud, data leaks including GDPR breaches, and reputational damage. Consumers rely more and more on their mobile phones for their online activities, with a surge in the use of retail apps, mobile wallets, and P2P payments, and engage in a variety of online financial activities every day. According to the Q2 2024 Mobile Landscape Threat Report (1), the need for robust security measures has never been more critical, and many app issuers are forced to reconsider their security design and the mitigation measures that handle the risks associated with heavily used mobile apps.
1. https://www.lookout.com/threat-intelligence/report/q2-2024-mobile-landscape-threat-report
The Importance of RASP
Runtime Application Self-Protection (RASP) is essential for mitigating these risks. However, implementing RASP effectively and ensuring seamless coordination with back-end services, including risk management, can be challenging. For instance, a banking app with over 15 million active mobile users needs to handle a huge number of transactions per second. Peaks can exceed 75,000 transactions per second and grow with the number of users. Mitigating risks at such high volume requires an efficient solution.
Introducing Cryptomathic's Insights Service Reaction Engine
To better support our clients, Cryptomathic has integrated a powerful reaction engine as part of the new Insights Service. This enhancement ensures that banks' mobile apps are not only secure but also able to mitigate many of these threats. Our solution provides real-time responses to indications of compromise, enabling banks and app issuers to react swiftly and effectively.
How the Reaction Engine Works
The solution includes many sentinels (agents) spread across the mobile app that collect "health" data. During runtime, the app layer invokes back-end services through MASC Core and the MASC assurance protocol. The invoked service relays, through the assurance protocol, real-time health data that feeds the new reaction engine.
Cryptomathic's reaction engine automatically offers an immediate response. Depending on the threat level, the engine can:
- Pass the request if no risks are identified.
- Report traffic if the risk is low but may require further investigation (for example fraud attempts).
- Block traffic and report the threat to back-end services if the risk is graded as medium (for example root detection).
- Crash the app if the threat is severe enough and active tampering is detected (for example hooking attempts).
The engine is configurable based on the risk appetite of the app issuer. By default, Cryptomathic offers modules based on best practice, and it is easy to add modules for new threats without requiring a new deployment of the app. The app may also be configured to crash based on a local reaction configuration, providing full flexibility for threat mitigation even when offline.
The reaction engine responds to the back-end with a recommended action (report, block or crash), and the back-end then makes the final decision. When processing the recommended action, it is important to consider educating the end user with the reason and a possible remedy; for example, when blocking the user, inform them that rooting was detected and recommend not using a rooted device. In the case of a "report" action, an assessment can be made of the risk rating of possible social engineering, for example remote screen sharing.
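To make the graded pass/report/block/crash model above concrete, here is an added illustration (not Cryptomathic's code, and not the MASC API): a small back-end decision function that grades a request's sentinel signals against an issuer-configurable policy, hands the recommendation to a final-decision step that can carry a user-facing reason, and keeps a separate local rule for the offline case. The signal names, the default policy and the risk-hold override are hypothetical, chosen to mirror the examples in the post.

```python
from dataclasses import dataclass
from enum import IntEnum

class Action(IntEnum):
    """Graded reactions, ordered by severity."""
    PASS = 0
    REPORT = 1
    BLOCK = 2
    CRASH = 3

# Hypothetical default policy (signal name -> reaction), constructed from the
# post's examples: fraud attempt -> report, root detection -> block, hooking -> crash.
DEFAULT_POLICY = {
    "fraud_pattern": Action.REPORT,
    "remote_screen_share": Action.REPORT,
    "rooted_device": Action.BLOCK,
    "emulator": Action.BLOCK,
    "hooking_framework": Action.CRASH,
}

# Hypothetical on-device reaction config, applied when the back-end is unreachable.
LOCAL_CRASH_SIGNALS = frozenset({"hooking_framework"})

@dataclass
class Decision:
    action: Action      # recommended reaction
    triggered: list     # signals that set the final severity
    flagged: list       # every raised signal, for the back-end report

def evaluate(health: dict, policy: dict = DEFAULT_POLICY) -> Decision:
    """Grade sentinel health data; the most severe raised signal wins, unknown signals grade REPORT."""
    def grade(name: str) -> Action:
        return policy.get(name, Action.REPORT)
    flagged = [name for name, raised in health.items() if raised]
    action = max((grade(n) for n in flagged), default=Action.PASS)
    return Decision(action, [n for n in flagged if grade(n) == action], flagged)

def finalize(rec: Decision, risk_hold: bool = False) -> tuple:
    """Back-end final decision: a REPORT escalates to BLOCK when risk management
    has placed a hold; BLOCK and CRASH carry a user-facing reason."""
    action = Action.BLOCK if (rec.action == Action.REPORT and risk_hold) else rec.action
    reason = ""
    if action >= Action.BLOCK:
        reason = f"{', '.join(rec.triggered)} detected; this device cannot be used for this action."
    return action, reason

def local_reaction(health: dict) -> Action:
    """Offline path: only the local crash rule is enforced on the device."""
    raised = any(health.get(s) for s in LOCAL_CRASH_SIGNALS)
    return Action.CRASH if raised else Action.PASS
```

A stricter issuer can pass its own policy to `evaluate` (for example grading `emulator` as CRASH) without any change to the app itself, which is the configurability the post describes.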
The beauty of the reaction engine is its ability to add this additional RASP protection in real time with minimum additional latency, even with a large number of requests. We identify all sorts of threats, ranging from the presence of emulators, rooted devices, screen capture, touchscreen manipulation, unknown accessibility providers, third-party software, and more.
Conclusion
With the addition of the Insights Service's advanced reaction engine, Cryptomathic empowers risk management teams with the ability to mitigate mobile app threats in real time. Increased threat vectors and rising fraud make the Cryptomathic solution essential for addressing mobile app security. The Cryptomathic Insights Service Reaction Engine allows for easy integration with risk management services and DevSecOps. Our clients enjoy unparalleled RASP protection, ensuring their mobile applications are secure, compliant, and resilient against the ever-evolving threat landscape.
For more information on how Cryptomathic can help secure your mobile applications, please get in touch!