Mobile hacking and electronic fraud is on the rise. A major Australian financial institution has reported that electronic fraud incidents have doubled in the last nine months, giving a clear indication of this increasing trend. The main reasons for this are insecure transactions and mobile platforms, particularly through jailbroken devices.
A jailbroken mobile phone permits a user access to the phone’s root directory, allowing them to have remote access to their phones and install applications not available through the Apple App Store and therefore, not sanctioned by Apple. These applications can be insecure as they have not been tested by Apple and may contain viruses. Furthermore, turning on remote access capabilities opens the phone to unauthorised exploitation, especially if the default root passwords have not been changed.
Given the costly and detrimental implications should a company database be hacked through a company application, certain security measures need to be taken when developing a phone application to mitigate these risks. While it is not possible to stop an employee from jailbreaking a company phone, other measures can be taken.
“To protect company data from malicious access, it should be encrypted on the company’s server-side. If the data is hacked, it will be meaningless without the mechanism to decrypt the data,” advised Kareem Tawansi, CEO of software development provider, Solentive Software.