Mobile Security for Retail & Point of Sales

Mobile Threat Defense


Retail companies have a love/hate relationship with mobile technology. To avoid losses to “showrooming” by customers with mobile devices, who are comparing in-store prices with online prices and checking peer reviews, the retail industry is under constant pressure to innovate for omnichannel. Retailers must add value to the customer experience beyond simply competing on price.

Faster means of payment, ordering and returns, customer loyalty programs, better product advice, technical support, devices for in-store and field employees, and home delivery and configuration apps are just some of the mobile-enabled tools retailers are leveraging to acquire and retain customers. However, most of these growth-fueling initiatives come with a hidden security risk. Retail mobile apps and mobile devices are prime attack targets for hackers and cybercriminals.

A strong mobile threat defense posture is required to survive the monetary and reputational damage that cyberattacks can cause any retail business.

Mobile Malware
“Mobile malware has not been an issue in the eyes of enterprises so far. However, mobile attacks (Pegasus, XcodeGhost) and vulnerabilities (Stagefright, Heartbleed) are increasing in terms of both number and pragmatism. Enterprises are now looking for solutions that can enhance their mobile security posture. Mobile threat defense (MTD) solutions combine signature-based checks with behavioral anomaly detection on the device, network and app layer.”

Gartner Predicts 2017: Endpoint and Mobile Security, Analyst(s): John Girard | Dionisio Zumerle | Brian Reed | Peter Firstbrook | Bart Willemsen, 16 November 2016


One thing you can be sure of: wherever money changes hands is a cybercriminal’s favorite haunt, and retail stores certainly fit that description. The modern snatch-and-grab attack surface of choice for retail hackers is the millions of smartphones carried by customers, together with the point-of-sale (POS) devices and mobile retail apps used to transact with customers.

Cyber thieves are employing device, network and application (“DNA”) attacks to steal account and payment information, undermine customer privacy, and cause damage to retailers. These mobile threats include conventional cyberattacks such as email phishing, fake customer support phone calls and SMS messages with malware download links, as well as more advanced methods including Wi-Fi network spoofing, malware and “fake retail app” delivery, ransomware, and takeover of any devices (including IoT devices often found in retail) that are connected to the Internet.

Protecting customer devices and data

While current iOS and Android devices have built-in security features, these platforms are constantly evolving. New vulnerabilities are discovered every day, and new OS updates are constantly published to answer them. Customers, as well as employees who are using their own devices in a bring-your-own-device (BYOD) scenario, are seldom up to date on these changes, and are often unaware of behaviors that expose private data on their devices. Adding to the challenge, privacy policies and international regulations limit the control and access the retailer can have over the end user’s device and the data on it for security management purposes. It is up to the retailer to shore up mobile security.

Preventing rogue network attacks

Securing your corporate and in-store networks may not be enough to prevent new forms of network attacks. Customers increasingly demand free Wi-Fi access from retail establishments as a perk. Hackers can set up a fake “Free Wi-Fi” access point to lure people to connect, then act as a Man-in-the-Middle (MITM) to capture private data from customers, and possibly take control of their devices.

Payment hijacking and retail malware

With mobile payments poised to reach $142 billion in the US alone by 2019, PayPal, Samsung Pay, Apple Pay, Google Wallet, Amazon Pay and many others are competing with the major card services providers to handle retail POS transactions. Honoring mobile payment approaches in your own integrations can leave an insecure opening for cybercriminals if they can compromise a device in the payment chain.

To compete with online retailers and other stores, many companies are also offering their own branded iPhone and Android apps to deliver a multichannel shopping and loyalty experience for customers. Apps themselves may be an attack surface for data theft and unwanted adware interference, with attackers enticing customers to download or log in to fake versions of retailer-branded apps, which can steal customer data and money.

All forms of mobile-based fraud are particularly damaging to retailers, as merchants are frequently held liable for security lapses, losing money and brand reputation due to cyberattacks.

Potential Threats in Retail

Point of Sale kiosks

Devices for sales associates in store

In-store Wi-Fi rogue network

IoT device

Scanners in store

Loss prevention and other scanners in store

Mobile apps for customers


Retailers can leverage Zimperium’s world-class Mobile Threat Defense platform to detect and resolve advanced cyberattacks at all of the exposed mobile touchpoints in the enterprise. With very little effort, retail security and development teams gain on-device and in-app protection from mobile attacks, with active visibility into the threat landscape that is impacting their customer base and store operations.

On-device protection made easy

With a simple download, Zimperium’s zIPS™ app provides real-time, self-service mobile threat detection and defense for Android and iOS mobile devices against device-level intrusion, network-based (or MITM) attacks, and unwanted application installs and malware. Retail InfoSec or development teams can pre-install zIPS as a retail mobile security app on issued user devices, and BYOD users or authorized customers can simply download and install the app from trusted stores (Apple App Store or Google Play).

In-App threat protection SDK

Embed cyber security into the apps you deliver to customers and employees with zIAP™ (In-App Protection). This innovative SDK allows developers to immunize mobile apps with world-class security to help prevent data breaches and mobile payment fraud in minutes. zIAP is completely configurable by developers to detect and remediate threats to a device, including detection of suspicious user behaviors, network attacks and interference from other apps.

Self-protecting apps equipped with zIAP are alerted via API to take immediate action according to the policies set by the app publisher or developer. Enable your app to report fraudulent activity, observe if another app is making unauthorized requests or unwanted downloads, shut down a user session, run in read-only mode, delete cache or force a password reset to protect payment data when threats are detected.

Real-time threat detection engine

Whether the Zimperium MTD platform is running as a standalone Android or iOS security app, or embedded within the retailer’s app, the mobile device gains real-time awareness of known and unknown threat behaviors acting against it. The user can be immediately alerted to threats, can resolve them locally, and can have forensics sent to the retailer’s security team. Zimperium’s z9 engine automatically detects and remediates issues on-device, rather than requiring an Internet connection, admin privileges or tunneling to a cloud service. This approach keeps customer and employee data private and secure on the device without impacting performance. Threats at the device, network, and app level are reported to a company’s InfoSec team for tracking and compliance without compromising privacy regulations.
