Transcript
DIGIPASS for APPS
DIGIPASS for Apps - RASP ®
Defeat mobile application attacks with complete protection from the inside out Today, businesses develop and market their own mobile apps at a feverish pace, driving a significant increase in the attack surface and related fraud. At the center of this threat are hackers that release malware exploiting mobile OS vulnerabilities – injecting code into apps to modify behavior and ultimately steal data – invisible to the user. DIGIPASS for Apps – Runtime Application Self-Protection (RASP) equips businesses with strong, natively integrated application security that dynamically detects and mitigates these attacks.
SECURE SENSITIVE DATA
HOW IT WORKS
RASP proactively protects against zero-day and other targeted attacks, allowing mobile business apps to run securely, blocking the foreign code from working or shutting down the application if a threat to data exists. Integrating RASP into mobile apps ensures the complete integrity of the apps and fully protects sensitive business and personal data from cybercriminals.
RASP ensures the integrity of mobile apps in three ways: Protect, Detect and React. It protects the trusted mobile application by preventing reverse engineering techniques via code obfuscation and anti-repackaging technology.
INTEGRATED PROTECTION RASP wraps around the application code to protect against foreign code injection. Even if a device becomes infected with malware, including system components such as screen-reader or key logging on Android, RASP technology will detect and prevent that code from running.
PROTECT MYAPP
Reverse Engineering Protection • Code Obfuscation • Asset Encryption
It actively detects malicious key logging, screen readers, repackaged applications, debuggers and emulators, and jailbroken or rooted devices. It can then react to prevent screenshots, block screen duplication, or enable customized actions based on business policy (i.e. Application shut down).
STRENGTHEN APPLICATION SECURITY RASP provides an extensive list of features that are easy to integrate and invisible to the end user. As a result, RASP allows businesses to extend and strengthen application security, protect customers and meet aggressive application development timelines.
DETECT Screen Mirroring
Overlay Attack
Code Injection
Repackaging
Emulators
Screen Shots
Screen Readers
Key Logging
Jailbreak/ Rooted Devices
Debuggers
REACT REPORT (MALICIOUS ACTIVITY)
STOP (INFECTED APP)
A global leader in authentication, electronic signatures, and identity management
www.vasco.com
DIGIPASS for APPS
RUNTIME APPLICATION SELF-PROTECTION INCLUDES
DIGIPASS FOR APPS
• Overlay Detection
RASP is available as an optional feature in DIGIPASS for Apps. DIGIPASS for Apps provides the most extensive list of features that seamlessly integrates identity/authentication, application protection, secure communications and electronic signing into almost any mobile
• Jailbreak & Root Detection • Active Memory Zeroing • Secure Storage + Device Binding
application.
• Anti-Code Injection
Runtime Application Self-Protection
• Anti-Key Logging • Anti-Screen Reader
Jailbreak & Root Detection
• Anti-System Screen shots • Anti-Screen Mirroring and External Monitors • Anti-Re-Packaging Protection • Debugger & VM Debuggers Prevention • Runtime Protection– Integrity Check • Emulator Detection • Obfuscation
Behavioral Authentication Face Authentication
Device Identification
Fingerprint Authentication
Geolocation
Risk Based Authentication
Device Binding
CRONTO® Authentication
Secure Storage
QR Code Support
Secure Channel
Transaction Signing
E-Signatures
Push Notification
TECHNICAL SPECIFICATIONS RASP supports iOS as of version 6.0 that needs to be linked to a host application. The framework is currently provided for the following architectures: • armv7 • armv7s • arm64 • i386 • x86_64
RASP supports Google Android 2.3 and later. The following CPU architectures are currently supported: • armeabi • armeabi-v7a • armeabi-v8a • mips • x86 • x86_64
About VASCO VASCO is a leading supplier of strong authentication and e-signature solutions and services specializing in Internet Security applications and transactions. VASCO has positioned itself as global software company for Internet Security and designs, develops, markets and supports DIGIPASS®, CertiID™, VACMAN®, IDENTIKEY® and aXsGUARD® authentication products. VASCO’s prime markets are the financial sector, enterprise security, e-commerce and e-government.
www.vasco.com I N T E R N AT I O N A L H Q ZURICH (Europe) phone: +41 43 555 3500 email:
[email protected]
C O R P O R AT E H Q CHICAGO (North America) phone: +1 630 932 88 44
[email protected]
BRUSSELS (EUROPE) phone: +32.2.609.97.00 email:
[email protected]
BOSTON (NORTH AMERICA) phone: +1.508.281.66.70 email:
[email protected]
S Y D N E Y ( PA C I F I C ) phone: +61.2.8061.3700 email:
[email protected]
SINGAPORE (ASIA) phone: +65.6323.0906 email:
[email protected]
Copyright © 2017 VASCO Data Security, Inc, VASCO Data Security International GmbH. All rights reserved. VASCO®, Vacman®, IDENTIKEY®, aXsGUARD®, ® DIGIPASS® and logo are registered or unregistered trademarks of VASCO Data Security, Inc. and/or VASCO Data Security International GmbH in the U.S. and other countries. VASCO Data Security, Inc. and/or VASCO Data Security International GmbH own or are licensed under all title, rights and interest in VASCO Products, updates and upgrades thereof, including copyrights, patent rights, trade secret rights, mask work rights, database rights and all other intellectual and industrial property rights in the U.S. and other countries. Microsoft and Windows are trademarks or registered trademarks of Microsoft Corporation. Other names may be trademarks of their respective owners. DS-201703
