Mobile App-Store Enhanced Architecture with Pro-active Security Control

Abstract: A pro-active mobile security control system around the app submission
process, one that identifies apps with malicious intent and prevents their
publication on the stores, is very much required. This white paper highlights a
modification to the generic architecture of an app-store that pro-actively
integrates the apps security control system and that can fit or plug into
existing app-stores easily.

Author
Rajesh Kumar
Mobile Security R&D and Services

7th November 2011




                            © Tech Mahindra Limited 2010              © Tech Mahindra Limited 2011
Table of Contents
Introduction
Apps Development and Distribution
The App Store Architecture
Enhanced Architecture with Pro-active Security Control
Apps Security Module
Security Test Scope
About Author
About Tech Mahindra Limited

Introduction
    Smartphones today enjoy ever-increasing user numbers, business and popularity.
    The integration of new high-speed wireless technologies, multimedia capabilities,
    document editors, millions of social-site users, centralized app-stores and a
    new generation of developers, all previously found on personal computers, is
    turning smartphones into real powerhouses. This has also brought cyber risks:
    not only malware that disrupts the operation of the phone, but also application
    phishing, Trojans and spyware that target users to steal personal information,
    high bills run up by hidden calls and SMS to premium numbers, and
    malvertising.

    As smartphones run small apps that are widely downloaded from centralized
    app-stores, free or paid, they are exposed to additional risks: the stores are
    also an attractive channel for hackers to centrally distribute a malicious app
    embedded with financial fraud and a network traffic generator. Currently most
    stores rely on a certificate-based trust chain and abuse reporting by end-users,
    which are not sufficient to control the security incidents reported for malware
    apps.

    To avoid such scenarios, app-stores should employ pro-active malware and security
    assessment and control systems for mobile apps within the app-store
    infrastructure. Such a security system results in only safe apps being published
    in the app-store, thus protecting billions of downloads by millions of users
    from thousands of malware apps.



    Apps Development and Distribution
    Mobile app-stores are evolving, and millions of users visit them to download the
    latest apps, making them the primary distribution channel for 45% of developers
    across platforms. Three platforms, namely Android, iOS and mobile web, lead among
    developers, as surveyed and published by app-store analysts. Many dedicated app
    stores for classified customers, enterprise and business applications can be
    launched in future.




The App Store Architecture
Hackers are effectively able to turn mobile malware into the biggest consumer
problem. The number of users who bank from their mobile devices is increasing. If
we add application zero-day vulnerabilities to current mobile malware threats, the
risk will be catastrophic.

In the current app-store architecture, a security system is not adopted as part of
the app publishing infrastructure or its life-cycle. In general, an app store
includes the following main components, as depicted in the figure below.

    Administrative console,
    Product catalogs,
    A central apps/content repository, and
    Sales promotional channels.




Enhanced Architecture with Pro-active Security Control
    Hackers and fraudsters are two steps ahead in acquiring tools and techniques to
    effectively turn mobile malware and application vulnerabilities into the biggest
    security problem. This brings challenges for security vendors and content
    providers like Google, Android-market and others, who take down 50 or more
    malicious apps from their app-stores only after thousands of users have already
    downloaded and reported them. This mitigation mechanism cannot effectively stop
    malware apps from getting published in the stores. Publishers can black-list old
    user-ids and certificates, but this can be overridden or bypassed by creating
    new user-ids and certificates.

    Building a power-packed fraudulent application for stealing and abusing identity,
    financial fraud or malware repackaging is almost simple. Distributing these apps
    on the app-store is even simpler.

    A pro-active mobile security control system around the app submission process,
    one that identifies apps with malicious intent and prevents their publication on
    the stores, is very much required. The current app-store architecture needs to be
    augmented with an in-line security module. This modified architecture is
    integrated with a pro-active mobile apps security control system that can fit or
    plug into the existing app-store easily, as depicted in the figure below. This
    mitigation mechanism would be effective because the security system scanner
    pro-actively discards or denies apps with malware intent and apps with exposed
    vulnerabilities during the app submission process.




Apps Security Module
When the developer decides to self-publish the app in the app-store as a free or
paid subscription, the in-line comprehensive security test should be activated. It
consists of all or some of the sub-modules below for each application.

   1. Malware Intent test

   2. Anti-virus and Anti-malware test

   3. Dynamic behavior security test

   4. Secure code-review test




Security Test Scope
The following security checks are the minimum to be done for any app in the process
of publishing to the app-store.

       Malware review

       Financial Fraud

       Unsecure Connectivity

       System Control and Resource Exhaustion Test

       Vulnerable Interfaces

       Network Traffic Analysis

       Secure Programming




This would marginally reduce rogue applications, malicious websites and malware
in the app-store, which are among the top mobile threats.
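
The in-line submission gate described above, as an added example (not code from the white paper or from Tech Mahindra): each of the four sub-modules is a function that returns findings labelled with Security Test Scope items, and an app is published only when every sub-module completes with no findings. The permission policy, hash blocklist, thresholds and sample submissions are constructed assumptions.

```python
import hashlib
import re
from dataclasses import dataclass, field

# Constructed sample data: none of these values come from the white paper.
KNOWN_BAD_SHA256 = {hashlib.sha256(b"constructed-malware-sample").hexdigest()}
# Hypothetical store policy: permissions expected for each declared category.
EXPECTED_PERMISSIONS = {
    "wallpaper": {"SET_WALLPAPER", "INTERNET"},
    "messaging": {"SEND_SMS", "READ_CONTACTS", "INTERNET"},
}
COSTLY_PERMISSIONS = {"SEND_SMS", "CALL_PHONE"}  # can run up the user's bill
IDLE_TRAFFIC_LIMIT = 5_000_000  # bytes; assumed threshold for an idle test run


@dataclass
class Submission:
    name: str
    category: str
    permissions: set
    package_bytes: bytes
    code_strings: list = field(default_factory=list)    # strings extracted from code
    sandbox_events: list = field(default_factory=list)  # (kind, detail) from a test run


def malware_intent_test(sub):
    """Flag billing-capable permissions the declared category does not explain."""
    expected = EXPECTED_PERMISSIONS.get(sub.category, set())
    extra = (sub.permissions - expected) & COSTLY_PERMISSIONS
    return [f"Financial Fraud: unexplained permission {p}" for p in sorted(extra)]


def antivirus_test(sub):
    """Compare the package hash with a blocklist of known-bad packages."""
    digest = hashlib.sha256(sub.package_bytes).hexdigest()
    if digest in KNOWN_BAD_SHA256:
        return ["Malware review: package hash is on the blocklist"]
    return []


def dynamic_behavior_test(sub):
    """Inspect events recorded while the app ran unattended in a sandbox."""
    findings = []
    for kind, detail in sub.sandbox_events:
        # Short numeric destinations are treated here as premium short codes.
        if kind == "sms" and re.fullmatch(r"\d{3,6}", detail):
            findings.append(f"Financial Fraud: hidden SMS to short code {detail}")
        if kind == "bytes_sent" and int(detail) > IDLE_TRAFFIC_LIMIT:
            findings.append(f"Network Traffic Analysis: {detail} bytes sent while idle")
    return findings


def code_review_test(sub):
    """Flag endpoints that the code contacts without transport encryption."""
    return [f"Unsecure Connectivity: cleartext endpoint {s}"
            for s in sub.code_strings if s.lower().startswith("http://")]


SUB_MODULES = [
    ("Malware Intent test", malware_intent_test),
    ("Anti-virus and Anti-malware test", antivirus_test),
    ("Dynamic behavior security test", dynamic_behavior_test),
    ("Secure code-review test", code_review_test),
]


def review_submission(sub, modules=SUB_MODULES):
    """Run every sub-module; publish only if all complete with no findings."""
    findings = []
    for label, check in modules:
        try:
            findings += [f"[{label}] {f}" for f in check(sub)]
        except Exception as exc:
            # Fail closed: a scanner that crashes must not let the app through.
            findings.append(f"[{label}] check did not complete: {exc!r}")
    return ("REJECT" if findings else "PUBLISH"), findings


# Constructed submissions: a clean app and a repackaged copy that sends hidden SMS.
CLEAN = Submission("Nature Wallpapers", "wallpaper", {"SET_WALLPAPER", "INTERNET"},
                   b"constructed-clean-app", ["https://cdn.example.com/img"],
                   [("bytes_sent", "20000")])
TROJAN = Submission("Free Wallpapers", "wallpaper",
                    {"SET_WALLPAPER", "INTERNET", "SEND_SMS"},
                    b"constructed-repackaged-app",
                    ["https://cdn.example.com/img", "http://stats.example.net/report"],
                    [("sms", "7890"), ("bytes_sent", "1200")])

if __name__ == "__main__":
    for app in (CLEAN, TROJAN):
        verdict, findings = review_submission(app)
        print(app.name, "->", verdict)
        for line in findings:
            print("   ", line)
```

Because the gate fails closed, a sub-module that raises an error produces a rejection rather than a silent pass.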




About Author

    Rajesh Kumar leads Mobile Security R&D and Services in Tech Mahindra Limited.
    His 18 years of industry experience began with the evolution of application-proxy
    and network-firewall security systems. His current assignment includes
    development of mobile security control systems and services around mobile apps,
    mobile networks, and enterprise mobility.

    He developed various enterprise systems, network services and their architectures
    while working with the Indian Space Research Organization (ISRO), his earlier
    organization.

    His qualifications include a Bachelor of Engineering in Computer Science &
    Engineering from BIT Sindri, India and a Post Graduate Certificate in Business
    Management from XIM Bhubaneswar, India.


    About Tech Mahindra Limited
    Tech Mahindra has developed in-house an app-store security solution and service,
    ‘MobiSecure’, to check for malicious apps before they are published in the
    app-store. The service is capable of testing thousands of mobile apps that are
    ready in a day.

    Tech Mahindra is part of the US $12.5 billion Mahindra Group, in partnership with
    British Telecommunications plc (BT), one of the world’s leading communications
    service providers. Focused primarily on the telecommunications industry, Tech
    Mahindra is a leading global systems integrator and business transformation
    consulting organization. Tech Mahindra has recently expanded its IT portfolio by
    acquiring the leading global business and information technology services company,
    Mahindra Satyam (earlier known as Satyam Computer Services).

    Tech Mahindra’s capabilities spread across a broad spectrum, including Business
    Support Systems (BSS), Operations Support Systems (OSS), Network Design &
    Engineering, Next Generation Networks, Mobility Solutions, Security consulting and
    Testing. The solutions portfolio includes Consulting, Application Development &
    Management, Network Services, Solution Integration, Product Engineering,
    Infrastructure Managed Services, Remote Infrastructure Management and BSG
    (comprises BPO, Services and Consulting). With an array of service offerings for TSPs,
    TEMs and ISVs, Tech Mahindra is a chosen transformation partner for several
    leading wireline, wireless and broadband operators in Europe, Asia-Pacific and North
    America.

    For Security Services, kindly visit our website http://www.techmahindra.com/security/

    For further information or to have a sales representative contact you, mail at
    security.sales@techmahindra.com.



Merck Moving Beyond Passwords: FIDO Paris Seminar.pptxMerck Moving Beyond Passwords: FIDO Paris Seminar.pptx
Merck Moving Beyond Passwords: FIDO Paris Seminar.pptx
 
Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365Ensuring Technical Readiness For Copilot in Microsoft 365
Ensuring Technical Readiness For Copilot in Microsoft 365
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding Club
 
Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024Advanced Test Driven-Development @ php[tek] 2024
Advanced Test Driven-Development @ php[tek] 2024
 
Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024Designing IA for AI - Information Architecture Conference 2024
Designing IA for AI - Information Architecture Conference 2024
 
Commit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easyCommit 2024 - Secret Management made easy
Commit 2024 - Secret Management made easy
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
DevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platformsDevEX - reference for building teams, processes, and platforms
DevEX - reference for building teams, processes, and platforms
 
Vertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering TipsVertex AI Gemini Prompt Engineering Tips
Vertex AI Gemini Prompt Engineering Tips
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
Dev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio WebDev Dives: Streamline document processing with UiPath Studio Web
Dev Dives: Streamline document processing with UiPath Studio Web
 
Streamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project SetupStreamlining Python Development: A Guide to a Modern Project Setup
Streamlining Python Development: A Guide to a Modern Project Setup
 
Story boards and shot lists for my a level piece
Story boards and shot lists for my a level pieceStory boards and shot lists for my a level piece
Story boards and shot lists for my a level piece
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 
Scanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL CertsScanning the Internet for External Cloud Exposures via SSL Certs
Scanning the Internet for External Cloud Exposures via SSL Certs
 
Powerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time ClashPowerpoint exploring the locations used in television show Time Clash
Powerpoint exploring the locations used in television show Time Clash
 
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo DayH2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
H2O.ai CEO/Founder: Sri Ambati Keynote at Wells Fargo Day
 
TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024TeamStation AI System Report LATAM IT Salaries 2024
TeamStation AI System Report LATAM IT Salaries 2024
 

Mobile App-Store Enhanced Architecture with Pro-active Security Control

Introduction

Smartphones today enjoy an ever-increasing user base, business and popularity. The integration of new high-speed wireless technologies, multimedia capabilities, document editors, millions of social-site users, centralized app-stores and a new generation of developers, all previously found on personal computers, is turning smartphones into real powerhouses.

This has also brought cyber risks: not only malware that infects the operation of the phone, but also phishing applications, Trojans and spyware that target users to steal personal information, high bills caused by hidden calls and SMS to premium numbers, and malvertising. Because smartphones run small apps that are widely downloaded from centralized app-stores, free or commercially, they are exposed to additional risks: the stores are also an attractive way for hackers to centrally distribute a malicious app embedded with financial fraud and a network traffic generator.

Currently, most stores are implemented with a certificate-based trust chain and abuse reporting by end-users, which are not sufficient to control the security incidents reported for malware apps. To avoid such scenarios, app-stores should employ pro-active malware and security assessment and control systems for mobile apps in the app-store infrastructure. With this security system, only safe apps are published in the app-store, protecting billions of downloads by millions of users from thousands of malware apps.

Apps Development and Distribution

Mobile app-stores are evolving, and millions of users visit them to download the latest apps, making them the primary distribution channel for 45% of developers across platforms. Three platforms, namely Android, iOS and Mobile-web, lead among developers, as surveyed and published by app-store analysts. Many dedicated app stores for classified customers, enterprise and business applications can be launched in the future.

The App Store Architecture

Hackers are effectively able to turn mobile malware into the biggest consumer problem. A growing number of users bank from their mobile devices. If application zero-day vulnerabilities are added to the current mobile malware threats, the risk will be catastrophic. In the current app-store architecture, a security system is not part of the apps publishing infrastructure or its life-cycle. In general, an app store includes the following main components, as depicted in the figure below.

  • Administrative console,
  • Product catalogs,
  • A central apps/content repository, and
  • Sales promotional channels.

Enhanced Architecture with Pro-active Security Control

Hackers and fraudsters are two steps ahead in acquiring tools and techniques to effectively turn mobile malware and application vulnerabilities into the biggest security problem. This forces security vendors and content providers like Google, Android-market and others to take down 50 or more malicious apps from their app-stores after thousands of users have already downloaded and reported them. This mitigation mechanism cannot effectively stop malware apps from getting published in the stores. Publishers can black-list old user-ids and certificates, but this can be overridden or bypassed by creating new user-ids and certificates. Building a power-packed fraudulent application for stealing and abusing identity, financial fraud or malware repackaging is almost simple. Distributing these apps on the app-store is even simpler.

A pro-active mobile security control system around the apps submission process, one that identifies and prevents the publishing of apps with malicious intent on the stores, is very much required. The current app-store architecture needs to be augmented with an in-line security module. This modified architecture is integrated with a pro-active mobile apps security control system that can fit or plug into the existing app-store easily, as depicted in the figure below. With this mitigation mechanism, the security system scanner would pro-actively discard or deny apps with malware intent and apps with exposed vulnerabilities during the apps submission process.

Apps Security Module

When the developer decides to self-publish the app in the app-store as a free or paid subscription, the in-line comprehensive security test should be activated. It consists of all or some of the sub-modules below for each application.

1. Malware Intent test
2. Anti-virus and Anti-malware test
3. Dynamic behavior security test
4. Secure code-review test

Security Test Scope

The following security checks are the minimum to be done for any app in the process of publishing to the app-store.

  • Malware review
  • Financial Fraud
  • Unsecure Connectivity
  • System Control and Resource Exhaustion Test
  • Vulnerable Interfaces
  • Network Traffic Analysis
  • Secure Programming

This would marginally reduce rogue applications, malicious websites and malware in the app-store, which are among the top mobile threats.

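The in-line gate described above can be sketched as a set of pluggable test modules that run at submission time and block publishing on any finding. This is an added example, not code from the white paper or from Tech Mahindra: the function names, the category policy and the sample submissions are hypothetical, and only two of the listed checks (Financial Fraud and Unsecure Connectivity) are implemented, against a constructed Android manifest.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

ANDROID = "{http://schemas.android.com/apk/res/android}"
# Hypothetical store policy: permissions that can cost the user money,
# and the store categories allowed to request them.
BILLING_PERMS = {"android.permission.SEND_SMS", "android.permission.CALL_PHONE"}
BILLING_CATEGORIES = {"messaging", "telephony"}

def permissions(manifest_xml):
    root = ET.fromstring(manifest_xml)  # raises ParseError on a malformed manifest
    return {e.get(ANDROID + "name") for e in root.iter("uses-permission")}

def malware_intent_test(sub):
    """Financial fraud: billing-capable permissions outside a matching category."""
    risky = permissions(sub["manifest"]) & BILLING_PERMS
    if risky and sub["category"] not in BILLING_CATEGORIES:
        return [f"financial-fraud: {p} in category '{sub['category']}'" for p in sorted(risky)]
    return []

def unsecure_connectivity_test(sub):
    """Unsecure connectivity: endpoints found in the package that are not HTTPS."""
    return [f"unsecure-connectivity: {u}" for u in sub["endpoints"]
            if urlparse(u).scheme != "https"]

MODULES = [malware_intent_test, unsecure_connectivity_test]

def review_submission(sub):
    """Run every module in-line; publish only when all run cleanly with no findings."""
    findings = []
    for module in MODULES:
        try:
            findings += module(sub)
        except Exception as exc:  # fail closed: an app the scanner cannot read is denied
            findings.append(f"{module.__name__}: scan error ({type(exc).__name__})")
    return ("deny" if findings else "publish"), findings

# Constructed sample submissions (not real apps).
MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android" package="com.example.wallpapers">
  <uses-permission android:name="android.permission.INTERNET"/>
  <uses-permission android:name="android.permission.SEND_SMS"/>
</manifest>"""
WALLPAPER = {"manifest": MANIFEST, "category": "wallpaper",
             "endpoints": ["https://cdn.example.com/img", "http://stats.example.net/t"]}
SMS_APP = {"manifest": MANIFEST, "category": "messaging",
           "endpoints": ["https://api.example.com/v1"]}
BROKEN = {"manifest": "<manifest", "category": "wallpaper", "endpoints": []}

if __name__ == "__main__":
    for name, sub in [("wallpaper", WALLPAPER), ("sms", SMS_APP), ("broken", BROKEN)]:
        print(name, review_submission(sub))
```

The gate fails closed: a submission whose manifest cannot be parsed is denied rather than published unscanned, which is what keeps the control pro-active instead of dependent on later abuse reports.
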
About Author

Rajesh Kumar leads Mobile Security R&D and Services at Tech Mahindra Limited. His 18 years of industry experience began with the evolution of application proxy and network firewall security systems. His current assignment includes the development of mobile security control systems and services around mobile apps, mobile networks and enterprise mobility. He developed various enterprise systems, network services and their architectures while working with the Indian Space Research Organization (ISRO), his earlier organization. His qualifications include a Bachelor of Engineering in Computer Science & Engineering from BIT Sindri, India, and a Post Graduate Certificate in Business Management from XIM Bhubaneswar, India.

About Tech Mahindra Limited

Tech Mahindra has developed in-house the app-store security solution and service ‘MobiSecure’ to check for malicious apps before they get published in the app-store. The service is capable of testing thousands of mobile apps that are ready in a day.

Tech Mahindra is part of the US $12.5 billion Mahindra Group, in partnership with British Telecommunications plc (BT), one of the world’s leading communications service providers. Focused primarily on the telecommunications industry, Tech Mahindra is a leading global systems integrator and business transformation consulting organization. Tech Mahindra has recently expanded its IT portfolio by acquiring the leading global business and information technology services company, Mahindra Satyam (earlier known as Satyam Computer Services).

Tech Mahindra’s capabilities spread across a broad spectrum, including Business Support Systems (BSS), Operations Support Systems (OSS), Network Design & Engineering, Next Generation Networks, Mobility Solutions, Security Consulting and Testing. The solutions portfolio includes Consulting, Application Development & Management, Network Services, Solution Integration, Product Engineering, Infrastructure Managed Services, Remote Infrastructure Management and BSG (comprising BPO, Services and Consulting). With an array of service offerings for TSPs, TEMs and ISVs, Tech Mahindra is a chosen transformation partner for several leading wireline, wireless and broadband operators in Europe, Asia-Pacific and North America.

For Security Services, kindly visit our website http://www.techmahindra.com/security/

For further information or to have a sales representative contact you, mail security.sales@techmahindra.com.