Page 14 - AeM_Dec_2017
P. 14
BEST PRACTICES & STRATEGIES
Stay alert when purchasing via
smartphone and tablet
The Christmas business is in full swing. Therefore we applications run in distributed and potentially vulnerable
are sounding a note of caution to all those using their environments and are therefore particularly attractive to
smartphone or tablet for doing their shopping. hackers. The Achilles heel of the mobile app is their
binary code, which opens the door to any kind of
When the pre-Christmas shopping season starts at the manipulation that compromises the integrity of the app.
beginning of December, many retailers once again are If the binary code is not specifically protected, attackers
wooing with rewarding online offers. Quite to the can reverse engineer it, thus preserving sensitive data,
delight of their customers, because many consumers such as credit card or bank account information, or spy
avoid crowded shops in the run-up to Christmas and on or manipulate transactions that are handled through
buy their gifts from the comfort of their own home or on the app.
the go - or via smartphone or tablet.
More security for shopping apps
Dealers have long since recognized the trend towards
mobile commerce and are expanding their offering to In times when mobile applications for retailers represent
include mobile shopping apps that gives their an important strategy in the fight for customer loyalty
customers a convenient and fast purchasing process and revenue generation, such cyberattacks can have
via their smartphone. But the mobile optimization of fatal consequences - from financial losses to
the retail industry also carries many risks, as apps are compensation payments to reputational damage. This
another lucrative target for cybercriminals, giving them makes it all the more important for companies to keep
multiple ways to make a profit. an eye on the security of their apps when setting up
their mobile shopping strategy.
More and more often, hackers manage to penetrate
mobile apps and tap sensitive personal or bank Specifically, this means that mobile applications are
account data, manipulate purchasing processes or hardened at the binary level and equipped with runtime
steal intellectual property. Because of the wealth of application self-protection technologies. Only then the
sensitive data, shopping applications are particularly app can independently protect itself against all types of
threatened by cyber-attacks. manipulation and reverse engineering - regardless of
device, environment, running time or idle state. Android
But even fake apps are becoming more of a problem in retail apps with Host Card Emulation (HCE) -based
the industry. How real this danger is, we could find out payment solutions should also be equipped with special
from some Apple customers, who already got a taste cryptographic key protection technologies to prevent
of it. Just in time for the start of the shopping season, unauthorized access.
cybercriminals managed to smuggle hundreds of fake
shopping apps past the security checkpoints into the For both businesses and customers, mobile retail
app store. The counterfeit applications presented applications have great potential in digital retail
themselves as official shopping helpers of renowned optimization. The difficulty, however, is to fully exploit
brands such as Nike or Christian Dior, but have been a this potential and achieve real competitive advantages.
ripsnorter. Some of the fake apps bothered customers In addition to formulating the tangible benefits and
with embedded ads, while others targeted credit card convenience of shopping apps, providers must first and
information. foremost strengthen customer confidence in the security
of apps. Retailers and developers must spare no
How hackers attack
expense and efforts to protect their apps effectively
Unlike web-based applications, where security is against hacker attacks and abuse, and to communicate
largely controlled by businesses, protecting mobile this security openly. ◊
apps from manipulation and reverse engineering is far By Daniela La Marca
more of a challenge. This is not least because mobile
14 December 2017 - Digital Commerce & Customer Experience