LIVE FROM PAYEXPO EUROPE, LONDON: Building modern security systems and “hack testing” mobile payment apps is vital as a growing number of criminals are targeting the applications, Ian Prince, senior consultant from Consult Hyperion (pictured) told delegates.
“It is inevitable hackers will target your apps eventually, so it’s vital to double-down on security,” Prince said, warning security “is perhaps not considered as much as customer experience, especially for new companies.”
Speaking in a session on mobile payment security, he said as mobile continues to be used to enable a wider range of financial transactions, devices and apps have become a more likely target for criminals.
“As mobile is increasingly used for the types of things fraudsters want to attack, the more it is being attacked,” he said. Prior to the popularity of mobile finance smartphone malware was generally used for “low value” activities such as artificially inflating advert clicks, he added.
Even if the mobile payment apps were not the primary target, Prince believes those released without adequate security means “you run the risk your app may become another source of data for criminals”.
“We have to accept there’s no such thing as a 100 per cent secure solution so we have to make the lives for attackers as difficult as possible”.
As well as using protections available on handsets, including fingerprint authentication and the secure trusted execution environment segment on many devices, he recommended including encryption and thorough hack testing ahead of release.