Regulators, standards bodies and IT auditors have become increasingly likely to recommend an absolute prohibition of running critical applications on compromised devices. For example, the 2017 PCI Mobile Payment Acceptance Security Guidelines state, “Bypassing permissions can allow untrusted security decisions to be made, thus increasing the number of possible attack vectors.”
Protect your Code, Validate the Environment, Protect your Customer's Data.
- Because data is created, accessed, and changed through applications, protecting your applications (and validating the environment in which they run) is a key component to protecting your data.
- Adding application protection to your secure software development lifecycle will make it more difficult for people and machines to exploit them.
- It is only natural that the apps themselves rise up to act as a ubiquitous governance, risk, and compliance management layer – preventing, detecting, responding, and reporting on threats - including those posed by unauthorized rooted devices.
PCI Mobile Payment Security Guidelines - Section 4.3 Prevent Escalation of Privileges
Controls should exist to prevent the escalation of privileges on the device (e.g., root or group privileges). Bypassing permissions can allow untrusted security decisions to be made, thus increasing the number of possible attack vectors. Therefore, the device should be monitored for activities that defeat operating system security controls—e.g., jailbreaking or rooting—and, when detected, the device should be quarantined by a solution that removes it from the network, removes the payment-acceptance application from the device, or disables the payment application.
Offline jailbreak and root detection and auto quarantine are key since some attackers may attempt to put the device in an offline state to further circumvent detection. Hardening of the application is a method to that may help prevent escalation of privileges in a mobile device.
Help with Compliance and More
PreEmptive Solutions helps organizations protect their applications from hacker attacks by hardening and shielding their applications. This makes them more resilient to tampering and run time probing attacks; and also helps our customers be compliant with regulatory and industry standards including PCI, HIPAA, GDPR, OWASP, among others. By hindering application attacks, we help protect our customers from financial loss, intellectual property theft, brand damage, stolen credentials / fraud, and non-compliance with standards.