MobiSEC s.r.l. | Treviso - Via Municipio 6/A - 31100 Italy - Tel. +39 0422 968588
email: info@mobisec.it | VAT no., tax code and Treviso Companies Register no.: 04735010268 | Share capital € 10,000.00 fully paid up, REA TV-373846 |
www.mobisec.it
04/04/16

3. PREMISES - SALES VOLUMES
Smartphone shipments reached almost 1.5 billion units in 2015, a growth of 8.5% over 2014. Consumers bought more than 490 million units in the third quarter of 2014, up 4.9% on the same quarter of 2013.
Platform (OS)    2015 shipments*  2015 share  2015 YoY growth  2019 shipments*  2019 share  2019 YoY growth  5-year CAGR
Android                  1,149.3       79.4%             8.5%          1,524.1       79.0%             5.0%         7.5%
iOS                        237.0       16.4%            23.0%            274.5       14.2%             3.0%         7.3%
Windows Phone               46.8        3.2%            34.1%            103.5        5.4%            13.6%        24.3%
Others                      14.2        1.0%             3.9%             26.3        1.4%             7.5%        14.0%
TOTAL                    1,447.3      100.0%            11.3%          1,928.4      100.0%             5.1%         8.2%
* = millions of units
4. PREMISES - DATA USAGE
Monthly mobile data traffic reached about 1,600 PetaBytes by mid-2013, on a more than exponential trend.
[Chart: total (uplink + downlink) monthly traffic in PetaBytes, voice vs. data, by quarter from Q1 2007 to Q2 2013. Source: Ericsson (August 2013)]
5. PREMISES - ADDICTION AND TIME SPENT
Mobile addiction continues to rise across all user segments.
[Figure: Flurry research into mobile addicts]
[Figure: Flurry on time spent and revenue, TV vs. mobile]
In the US the average time spent using apps has exceeded TV watching.
In 2015, 55% of UK smartphone users spent at least 1 hour a day
7. WHAT NOW?
Internet is going Mobile
Business is going Mobile
Risks are going Mobile
8. HOW MUCH DO WE TRUST OUR PHONE?
what you buy
how you use your phone
who you are
your relationships
where you are = your habits and places
your conversations
your memories
what you see
what you say
your internet traffic
TOO MUCH.
You probably don't trust even your friends enough to share all these details of your life with them.
And remember: your phone's applications run in the background and access your information even when you are not using them and when you are not aware they are doing it.
9. HOW MUCH DO WE TRUST OUR NEIGHBOR?
TOO MUCH.
They constantly gather information about users and their behaviour.
They are constantly profiling our customers, and they lead the Big Data frontier.
And remember: your applications share basic information with all these big players for service and advertising purposes.
You had better check what is shared on purpose and what is left behind by mistake.
10. HOW MUCH DO WE TRUST OUR APPS?
TOO MUCH.
Our app can be the first backdoor and Trojan horse into our legacy systems.
Once malicious intent reaches our systems it is easy to steal all of our best assets:
- customer data
- customer behaviour and usage
- transactions
- know-how
- sensitive information
- access to defacement and to attacks on communication points
11. MOBILE FRAUDS AND MONEY LOSS
"Major Data Breach at JP Morgan Chase Hits 76 Million"
JP Morgan Chase, one of the world's largest banks in terms of assets, acknowledged a massive data breach that affected 76 million households and 7 million small businesses.
(Bill Hardekopf)
Symantec estimates the average cost of a mobile incident at a staggering $429,000: remediation, refunds, and loss of trust (a customer who doesn't trust you is a new customer for your competitors).
"Apple cleaning up iOS App Store after first major attack"
The company disclosed the effort after several cyber security firms reported finding a malicious program dubbed XcodeGhost that was embedded in hundreds of legitimate apps.
(Jim Finkle, Reuters, Boston)
12. WHAT WE CAN GIVE TO OUR CUSTOMERS
100% security is a chimera. But Mobisec can get closer to it.
[Chart: average actual exposure of mobile apps to fraud and breach risks]
Mobisec Security significantly raises the safety, security and protection of your mobile application.
14. STATE OF THE ART
Mobisec Italia is an Italian startup founded in April 2015.
The first product has been engineered and implemented since early 2013 by Alessandro Nepoti (technical leader and CTO) and Alberto Zannol (Product Officer, CEO).
In the last months of 2014, after several months of study and prototyping, the final candidate was released.
In April 2015 the company was founded with an industrial strategic partner, and it is now starting to operate in the market with its first product, Mobisec Security Analysis.
16. WHAT IS MOBISEC
Mobisec Security Analysis is a client and server application platform that checks that mobile applications are not exposed to design and implementation vulnerabilities.
Its competitive differential is that, on top of the routine static checks that other market solutions can already perform on mobile applications, Mobisec Security Analysis also verifies that the structure, design and components of the application are secure and that your distributed application can run on a mobile system without exposing it to known threats.
Mobisec Security Analysis bases its security checks on ethical hacking principles, following all the dynamic use cases needed to perform a complete security check:
• penetration test
• vulnerability assessment
• security audit
17. WHAT MAKES MOBISEC DIFFERENT?
There are various security solutions on the market, but they only offer static security verification or malware/virus scanning.
That is not what Mobisec Security Analysis was built for.
Borrowing from the scientific world, security-check applications and antivirus products work on a diagnosis & remedy basis.
Mobisec Security Analysis is not a doctor; it is more like a geneticist: it checks the underlying rationale, design patterns, product architecture and models in order to detect and prevent not only declared security problems but also all the defects and design errors that may turn into security threats, combining security blueprints and guidelines with design, architectural and implementation models.
18. WHAT MAKES MOBISEC DIFFERENT?
Competitors                                        | Mobisec Security Analysis
---------------------------------------------------|---------------------------------------------------------------
Diagnosis & remedy, one issue at a time (medic)    | From design to implementation to dynamic use (geneticist)
Short-term validity                                | Every day, during the whole life cycle of the app
3 to 5 weeks for a security report                 | 1 to 2 days for a security report
EXPENSIVE for a one-time full security analysis    | Cheap fee for a one-year subscription (unlimited runs, unlimited reports)
Analysis confined to the app sandbox               | Analysis of the app sandbox plus communications with other apps and with the OS, even in the background
Requires source code, tech docs & details          | Black-box approach
19. WHAT MOBISEC PROTECTS
Mobisec Security Analysis checks every piece of data, function, transaction and component used by the mobile application during a customer session.
Our dynamic security analysis aims to protect:
• Corporate data
• Company business
• Consumer data
• Money transactions
• Mobile payments
• Confidential information
• Confidential or premium services
• Accounts and personal data
• Private health data
• Sensitive information
21. MOBISEC ANATOMY
Mobisec Security Analysis is a platform. It is structured in 4 main components:
1. kext device agent (client)
2. service/events handler and data collector (services)
3. pattern matching engine (server: definitions, knowledge, matching maps)
4. reporting master (server)
Each component interacts with the mobile application, its functions, its processes, its mobile environment, and the data and communications that the application produces.
[Diagram: Agent -> Services (events and data collector) -> Matching Engine -> Report]
22. COMPONENTS - AGENT
The agent is the client component, installed on the device.
It is an OS kernel extension; its activity generates events in the GUI and in the mobile application's components in order to gather the communications and triggers activated while the mobile application is in use.
We work at kernel level: we track EVERYTHING during your app's use.
Note that loading a kernel extension requires a jailbroken iOS device or a rooted Android device, so the agent runs on the lab's instrumented devices, not on end users' phones.
iOS Agent (C/Objective-C application): agent for any iDevice, iOS 6.x/7.x/8.x compliant.
Android Agent (C/Java application): agent for any Android device, 2.x/3.x/4.x compliant.
Our model office is compliant with the following configuration:
iOS: 7.x, 8.x, 9.x
Android: 3.x, 4.x, 5.x/6.x (one device for each major vendor: Samsung, Nexus, HTC, according to current market stats)
(iOS 9.x and Android 5.x in the next release, 1st half of 2016)
23. COMPONENTS - SERVICES (events and data collector, test policies instructor)
Communication services between agent and server.
It is a bidirectional, full-duplex communication bus, able to gather and send to the server end all the data recorded by the agent during routine execution, and also to push instructions and directives from the server to the agent to modify the agent runtime (enable/disable requests for security hooks, fuzz tests, execution frequency, scenarios, test cases, etc.).
24. COMPONENTS - MATCHING ENGINE
It is the interpretation logic of the system.
It contains, for each application domain, all the known vulnerability and risk cases, the relational patterns that link them, and their risk level and coexistence probability.
It is a dynamic, non-relational MongoDB database, extended with every result pattern found during all the test sessions.
It combines all the data gathered from the agent in a heuristic model and decides whether any case, whether or not it is a threat by itself, can become dangerous when combined with other occurrences of other vulnerabilities in the system.
25. COMPONENTS - REPORT MASTER
It contains the representation grammar of all the data collected by the agent, transmitted by the services and processed by the Pattern Matching Engine.
It is a JSON-style query engine that extracts records and, through a Jasper connector, merges them into a PDF template according to the presentation and layout model settings.
It can also be extended to feed a real-time report engine or ALM and configuration management tools, to provide real-time reports to the dev teams.
27. SCOPES AND DOMAINS
The Pattern Matching Engine combines the scopes, which we can call "investigation scopes", with their applicability domains to reach the right analysis target.
28. DOMAINS
The domains in which the solution operates, and which organise the data gathered by the agent, are the following:
1. Sensitive Data
2. Operations
3. Network
4. System
5. Untrusted Input
6. Broken Cryptography
29. ANALYSIS SCOPES
Coverage of these domains allows the solution to cover all of these security areas:
- Network vulnerabilities
- Insecure storage of sensitive data, or lack of protection for it
- Insecure use of cryptography for transmitting data or for local storage
- Weak session management
- Unauthorised access to other users' accounts
- Untrusted input
- Well-known platform vulnerabilities
- Error conditions that leak sensitive information
- Broken ACLs / weak passwords
30. ANALYSIS TARGETS
To ensure that the target mobile application upholds the properties of confidentiality, integrity and availability, applying the Mobisec mobile security model, the main concerns are how to decompose the system into relevant components and how to analyse each of them in depth against spoofing, tampering, repudiation, information disclosure, denial of service and elevation of privilege (STRIDE).
To apply the model, the system inspects five targets: data flows, data stores, processes, interactors and the trust boundaries of the system.
31. ANALYSIS TARGETS 1/2
Data flows
Represent data in motion over network connections, named pipes, mail slots, SMS channels, phone calls and so on.
Data stores
Represent files, databases and property keys: which resources are being used and how they are used.
Processes
Are computations or programs run by the user, the system or the kernel. Mobisec can exercise control not only within the app sandbox, but also over other apps' and the OS's properties.
32. ANALYSIS TARGETS 2/2
Interactors
Are the end points of the system. They can be internal, like user interaction with the UI, location sensors, contacts, phone, etc., or external, like web services, ads, etc.
In general, they are the data providers and consumers that are outside the scope of your app and system but clearly related to it.
Trust boundaries
Are perhaps the most subjective of all: they represent the border between trusted and untrusted elements in the mobile operating system and its trusted execution environment.
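As an added example (not part of the Mobisec deck or product), the decomposition described on these two slides can be written down as a small STRIDE-per-element enumerator in Python. The banking app, the element names, the trust zones and the channels below are constructed for illustration; the category-to-element mapping is the standard STRIDE-per-element table (interactors: spoofing and repudiation; processes: all six; data stores: tampering, repudiation, information disclosure, denial of service; data flows: tampering, information disclosure, denial of service), and flows whose endpoints sit in different trust zones are flagged as boundary crossings.

```python
"""STRIDE-per-element enumeration over a mobile app data-flow diagram.

Added example, not code from the Mobisec deck or product. It models the five
targets the slides name (data flows, data stores, processes, interactors,
trust boundaries) for a hypothetical mobile banking app and lists, for each
element, the STRIDE categories that apply to its element type, flagging flows
that cross a trust boundary. All names, zones and channels are constructed.
"""
from dataclasses import dataclass

# Standard STRIDE-per-element table (Microsoft SDL / Shostack).
STRIDE_BY_TYPE = {
    "interactor": ("Spoofing", "Repudiation"),
    "process": ("Spoofing", "Tampering", "Repudiation",
                "Information disclosure", "Denial of service",
                "Elevation of privilege"),
    "datastore": ("Tampering", "Repudiation",
                  "Information disclosure", "Denial of service"),
    "dataflow": ("Tampering", "Information disclosure", "Denial of service"),
}


@dataclass(frozen=True)
class Element:
    name: str
    kind: str       # "interactor", "process" or "datastore"
    boundary: str   # trust zone the element lives in


@dataclass(frozen=True)
class Flow:
    name: str
    src: str        # Element.name
    dst: str        # Element.name
    channel: str    # transport, e.g. "https", "sqlite", "touch"


@dataclass(frozen=True)
class Threat:
    element: str
    category: str
    note: str = ""


def validate(elements, flows):
    """Return a list of model problems (empty list means the DFD is usable)."""
    problems, names = [], set()
    for e in elements:
        if e.kind not in ("interactor", "process", "datastore"):
            problems.append(f"element {e.name!r} has unknown kind {e.kind!r}")
        if e.name in names:
            problems.append(f"duplicate element name {e.name!r}")
        names.add(e.name)
    for f in flows:
        for end in (f.src, f.dst):
            if end not in names:
                problems.append(f"flow {f.name!r} references unknown element {end!r}")
    return problems


def boundary_crossings(elements, flows):
    """Names of flows whose endpoints sit in different trust zones."""
    zone = {e.name: e.boundary for e in elements}
    return [f.name for f in flows if zone[f.src] != zone[f.dst]]


def enumerate_threats(elements, flows):
    """STRIDE-per-element: one Threat per (element, applicable category)."""
    problems = validate(elements, flows)
    if problems:
        raise ValueError("; ".join(problems))
    zone = {e.name: e.boundary for e in elements}
    crossing = set(boundary_crossings(elements, flows))
    threats = [Threat(e.name, cat) for e in elements for cat in STRIDE_BY_TYPE[e.kind]]
    for f in flows:
        note = ""
        if f.name in crossing:
            # A flow across a trust boundary is where the analyst looks first:
            # the receiving side must authenticate and validate what comes over it.
            note = f"crosses {zone[f.src]} -> {zone[f.dst]} over {f.channel}"
        threats += [Threat(f.name, cat, note) for cat in STRIDE_BY_TYPE["dataflow"]]
    return threats


# Constructed model of a hypothetical mobile banking app (not a real product).
ELEMENTS = [
    Element("User", "interactor", "device-user"),
    Element("BankingApp", "process", "app-sandbox"),
    Element("LocalCache", "datastore", "app-sandbox"),   # sqlite inside the sandbox
    Element("APIGateway", "process", "bank-backend"),
    Element("AdNetwork", "interactor", "third-party"),   # analytics/ads SDK endpoint
]
FLOWS = [
    Flow("login", "User", "BankingApp", "touch"),
    Flow("api-call", "BankingApp", "APIGateway", "https"),
    Flow("cache-write", "BankingApp", "LocalCache", "sqlite"),
    Flow("analytics", "BankingApp", "AdNetwork", "https"),
]

if __name__ == "__main__":
    for t in enumerate_threats(ELEMENTS, FLOWS):
        flag = f"  [{t.note}]" if t.note else ""
        print(f"{t.element:12} {t.category:24}{flag}")
```

Running the block prints 32 candidate threats for this model; the three flagged flows (user input, the backend call and the analytics call to the ad network) are the ones that cross a trust boundary and therefore map directly onto the "Untrusted Input", "Network" and "Sensitive Data" domains listed earlier, while the sandbox-internal cache write is flagged only for the storage-side categories.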
34. TARGETS
Mobisec Security Analysis aims to be a solution for the whole market chain. It protects customers' data and accounts, as well as companies' business lines and customer base, and it also has strategic value for agencies, system integrators and mobile app developers as a body of best practice in secure software development.
1. Companies   2. Consumers   3. Developers / SI
35. OUR CUSTOMERS
Mobisec Security Analysis has been released for all market players with transactional (dispositive), business, premium-service or data-handling mobile applications, especially in these market verticals:
1. ecommerce & shopping
2. sensitive data & privacy
3. self care & self service
4. transactional (dispositive) services
5. communication and premium contents/services
36. OUR CUSTOMERS
The previous vertical classes map onto the following target profile (numbers refer to the verticals above):
1. banks & finance (1, 2, 3, 4, 5)
2. insurance (2, 3, 4)
3. betting & gaming (1, 2, 3, 4, 5)
4. telco (1, 2, 3)
5. healthcare (2, 3, 4)
6. PA (public administration) and citizen services, e.g. health, public entities (2, 3, 4, 5)
7. ecommerce and B2C (1, 2, 4, 5)
8. B2B & corporate properties (1, 3, 4, 5)
37. COMPANIES - CUSTOMERS
Verticals by customer class (x = applies, per the profile above):
                  eCommerce  Privacy  Self Care  Services  Communication
Banks & Finance       x         x         x         x           x
Insurances                      x         x         x
Betting & gaming      x         x         x         x           x
Telco                 x         x         x
Healthcare                      x         x         x
B2B                   x                   x         x           x
B2C                   x         x                   x           x
PA                              x         x         x           x
39. SERVICE MODEL
Service proposition
The service proposition for Mobisec Security Analysis is PaaS:
- laboratory hosted on Mobisec premises
- laboratory managed and operated by Mobisec technicians
- no dedicated staff needed on the customer side
- no hardware or infrastructure costs for the customer
- CVE definitions and software upgrades delivered in real time
- solution ready for operation from day zero
- no need for source code or detailed documentation
- no need for customer support during the analysis phases
- no need for devices or mobile supplies
40. Thanks.
contacts: alberto.zannol@mobisec.it