Cyber Security Issues For The Mobile Industry

The widespread availability of spyware, and international scandal over the  technology being used to intercept and monitor supposedly secure communications platforms is combining with growing concerns of the security of 5G network technology to undermine confidence in the mobile industry.

More and more mobile users are aware that their smartphones and the networks that they rely upon are a lot more vulnerable than they thought. 

Against this backdrop, Members of the Board of Directors at The Mobile Ecosystem Forum were asked to consider cyber security issues and share their predictions for the mobile industry in 2023.

 

Verifiable Credentials Will Gain Major Traction

In 2023 we will see the use of Verifiable Credentials start to gain real traction. It's the next generation of digital identity in which people keep their identity information in their own personal digital vault rather than it being managed by a third party. 

The important thing for the industry to keep in mind is that everything about transactions will be standardised by brand new World Wide Web Consortium (W3C) standards. So, the key to this is not the technology but the W3C standards. 

However, as the technology converges around this issue, we will see some great solutions that will create a new layer of trust around verified credentials. This will benefit everyone, especially those in developing countries where bank accounts and documentation are less common. With trusted verified credentials, people in these regions will suddenly be able to access a whole range of services that were previously closed off to them. I think that’s going to be a real game-changer.  Contributed by Andrew Bud, CEO of iProov

IOT Security Standards Are Coming

With the increasing number and complexity of Internet of Things (IoT) devices and the amount of sensitive data they collect and transmit, security is a critical concern. Ensuring the security of IoT systems is essential both for protecting the privacy and safety of individuals and organisations, as well as maintaining the integrity and reliability of critical infrastructure.

Unfortunately, the industry is failing to self-regulate when it comes to IoT security. Paying a premium to enforce IoT security or standards isn’t profitable, so there is no incentive for device manufacturers to worry. As a result, regulators are currently grappling with the issue and, I expect, will be publishing legislation in 2023.

Manufacturers will need to address security issues by embedding measures such as encryption, authentication, access control, and vulnerability management into their IoT devices. So, prepare now!  Contributed by Dawood Ghalaieny, CEO of Zariot

Mobile Operators Offering New Identity Services

Currently, mobile operators are really struggling to find ways to grow their revenues beyond traditional services: voice, SMS and data. Yet, one asset mobile operators can monetise is mobile identity.

Over the coming year, I expect we will see a breakout of systems whereby enterprise can query mobile operators to verify a customer’s age, address, credit status, etc. This information is known and verified by mobile operators to establish a contract, and it is tied to a unique number: a phone number. So, phone numbers could become the unique identifier to verify all this information. 

It will be interesting to see how enterprise will take all those pieces of information and use it to formulate an opinion on a customer that can be used and monetised. It would make things much easier for customers - rather than filling out forms and completing Know Your Customer (KYC) data, they could simply link their mobile number. In turn, this would also be very helpful to businesses. Contributed by Jason Lunn is Global Connectivity, CPaaS at Cisco 

Preventing Fraud Will Become Essential

As the global technology market has grown, so too has a shadow economy of fake accounts. Robots set up fake accounts which are then served ads, draining advertising budget with no benefit. It’s also hard to estimate the size of this shadow economy - it could already be very big.

Telecoms operators play a key role in this economy. Take social media, for example. There are thousands of robots creating fake accounts, with lots of SMS being sent to activate and serve those fake accounts.

On the other side, mobile customers are receiving an unprecedented level of fraudulent phishing (or ‘smishing’ as we call it for SMS) messages with dangerous links.

To help combat these issues, a lot of organisations are currently working on more holistic, 360-degree solutions which would combine multiple data sources into a data pool to analyse and come out with intelligent identification of possible fraudulent transactions as soon as they're triggered.

By using artificial intelligence and machine learning for fraud prevention, organisations will be able to identify patterns immediately and flag off possible situations of fraud and phishing/smishing. They can then intercept these fraudulent or spurious links, displaying a landing page where a user is notified that it’s possibly a fraudulent page, similar to the warnings users get in the likes of Google Chrome. They will also, then, be able to track and block these fraudulent accounts more quickly, making fraud much harder to commit.  Contributed by Anurag Aggarwal is VP Partnership and Alliances at Tanla.

 

Dario Betti is CEO of the Mobile Ecosystem Forum 

You Might Also Read: 

Conversational Commerce Is Going To Be Big - But Could Be Risky:

____________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible


 

« Building An Identity-First Security Strategy
Europol Arrest Crypto Currency Fraud Gang »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Wibu-Systems

Wibu-Systems

Wibu-Systems is a leading provider of solutions for the Digital Rights Management (DRM) and anti-piracy industry.

Athena Dynamics

Athena Dynamics

Athena Dynamics focuses on Cyber Security, especially in Critical Information Infra-structure Protection and Enterprise IT Operation Management products and Services.

Deep Instinct

Deep Instinct

Deep Instinct provides comprehensive defense that is designed to protect against the most evasive unknown malware in real-time, across an organization’s endpoints, servers, and mobile devices.

RazorSecure

RazorSecure

RazorSecure offers products and services to enhance railway cyber security, by protecting and monitoring networks and key systems.

Virsec Systems

Virsec Systems

Virsec detects and remediates previously “indefensible” advanced memory-based attacks on critical applications and server endpoints.

Rentalworks

Rentalworks

Rentalworks is a leading provider of Internet-of-Things (IoT) Asset Lifecycle Management Services including secure data erasure and disposal.

ePLDT

ePLDT

ePLDT delivers best-in-class digital business solutions that include Cloud, Cyber Security, purpose-built Data Center facilities and Managed IT Services.

Penten

Penten

Penten is an Australian-based cyber security company focused on innovation in secure mobility and applied AI (artificial intelligence).

Inflexor Ventures

Inflexor Ventures

Inflexor Ventures is a technology focused venture capital firm that invests in early stage companies from seed to Series-A+ stages.

CyberSheath Services International

CyberSheath Services International

CyberSheath integrates your compliance and threat mitigation efforts and eliminates redundant security practices that don’t improve and in fact might probably weaken your security posture.

Tetra Tech

Tetra Tech

Tetra Tech is a cybersecurity leader with extensive experience in supporting enterprise-wide programs and systems across multiple business lines from industrial control systems to health IT.

Quantum eMotion (QeM)

Quantum eMotion (QeM)

Quantum eMotion is a Montreal-based advanced developer leading the way towards a new generation of quantum-safe encryption for the quantum computing age.

Blink Ops

Blink Ops

Blink helps security teams streamline everyday workflows and protect your organization better.

Delta Partners

Delta Partners

Delta Partners is a venture capital firm investing in Ireland and the United Kingdom with a strong focus on early stage technology companies.

ThreatDown

ThreatDown

ThreatDown, powered by Malwarebytes, is on a mission to overpower threats and empower IT by removing the complexity of detecting and stopping today’s most advanced threats.

Coastline Cybersecurity

Coastline Cybersecurity

Coastline Cyber is a cybersecurity consulting firm dedicated to helping organizations strengthen their security posture by reducing risks, mitigating threats, and protecting against attacks.