Mobile threats are increasing both in prevalence and sophistication. They are global and found everywhere, and mobile apps are critically vulnerable.
Enterprises create mobile apps to speed work, increase customer satisfaction and grow revenue. Security, however, is usually not a core corporate expertise. Although these apps can access confidential data, they are also delivered to the unmanaged devices of customers and partners. As such, they are increasingly used as a vector for attacking enterprise infrastructure.
The Zimperium® In-App Protection (zIAP™) SDK ensures that mobile applications remain safe from cyberattacks by providing immediate device risk assessments and threat alerts. Organizations can minimize exposure of their sensitive data, and prevent their customers and partners’ data from being jeopardized by malicious and fraudulent activity.
“Zimperium’s on-device mobile threat protection technology is well-suited to providing In-App Protection from both known and, hugely importantly, unknown threats.”
zIAP™ embeds the z9™ engine, the heart of the zIPS™ app, inside mobile applications. This means that it can determine if a device is compromised. When a device is under attack, zIAP™ informs the app and initiates risk mitigation actions, such as:
zIAP™ is completely configurable by app developers. They can select whatever remedial action should apply to corporate, partner or customer apps.
The zIAP™ SDK allows organizations to deliver self-protecting iOS and Android apps, and to implement custom workflows:
Embed the z9™ engine within applications by using an easy-to-implement software development kit that works with common development platforms. Developers can spend more time developing without worrying about security.
Ensure mobile app protection against mobile cyberattacks. To safeguard sensitive data -- particularly in customer/partner transactions -- you can implement custom auto-response workflows with the intelligence that zIAP™ injects in your application.
Let’s take a look at a few use case scenarios and see what a developer can do in the event that a device is compromised. All of these applications require deep understanding of a device’s security status. Zimperium® takes care of the threat detection part for you. The only thing you need to do is apply a customized policy for your app.
When a device is compromised, zIAP™ will alert your app via a special call-back function. Some of the actions you can take include:
Delete the wallet from the app, and restore it later from a device that has not been compromised.
Delete the messages and exit before the attacker reads your message database or dumps your RAM.
Ban all transactions on the compromised device, and reset the user’s password.