Mobile Security to Protect Transactions | Retail & Mobile E-Commerce

Mobile Payments & Transactions Continue to Grow

Demand for contactless payments continues to surge as both consumers and merchants seek faster, more convenient, and safer methods to conduct transactions. E-commerce via mobile devices has grown into its own segment, M-Commerce. Software point of sale (SoftPOS) apps and technology advances have turned commercial off-the-shelf (COTS) phones and tablets into fully enabled, contactless mobile point-of-sale (mPOS) systems. These Contactless Payments on COTS (CPoC) applications accept payments using the near-field communication (NFC) interface in standard mobile devices, without requiring additional hardware. In addition to contactless payments using NFC, contactless payments via mobile apps have soared during recent years. This momentum has retailers constantly pushing new apps and new features, which often results in deprioritizing cybersecurity.

Mobile Point-of-Sale Devices in Retail Store
Woman Using Mobile Phone for Contactless Payment in Store

Meeting Compliance Requirements Related to Retail & Mobile Payment Processing

Due to the valuable nature of the data being processed, the European Commission and the Payment Card Industry (PCI) Security Standards Council defined compliance regulations. The European Commission’s Revised Payment Services Directive (also called “PSD2”) establishes rules covering all types of electronic and non-cash payments including mobile and online payments. The rules include strict security requirements for data protection, secure communication, and device and software integrity, and require that PSPs have mechanisms in place to mitigate failure of the required security measures. The PCI Security Standard (PCI DSS) is a set of security standards designed to ensure that all companies that accept, process, store or transmit credit card information maintain a secure environment.

Softpay Secures Mobile Payments for Retailers with Zimperium MAPS

Softpay made headlines when their solution helped 7-Eleven circumvent a cyberattack. Find out how Softpay’s due diligence and their existing partnership with Zimperium helped thwart the attack on 7-Eleven and prevented the closure of all their Danish stores for weeks.

Download Case Study

Secure Mobile Transactions with the Leader in Mobile Security

Retailers and organizations using m-commerce can leverage Zimperium’s world-class solutions to detect and resolve advanced cyberattacks at all exposed mobile touchpoints in the transaction. With very little effort, security and development teams gain on-device security and in-app protection from mobile attacks, with active visibility into the threat landscape that is impacting their customer base and store operations.

Businessman Paying For Lunch In Cafe From Smartphone

Secure the Mobile Devices Used for mPOS

Protect mobile devices used for transactions against device-level intrusion, network-based (or MITM) attacks, and unwanted application installs and malware, helping you meet the mobile mandates of PCI DSS requirements.

Learn About Mobile Device Security

Protect Cryptographic Keys within your Mobile App

Leverage white-box cryptography to protect keys within your mobile application and support PCI-DSS specifications, including separation of payment card and PIN data. Your keys cannot be extracted—even if the device itself has been breached.

Learn About Cryptographic Key Protection

Prevent Mobile App Reverse Engineering & Tampering

Add tamper-resistance, anti-reverse engineering, and obfuscation characteristics to mobile apps, ensuring not just compliance with the CPoC Standard, but also strong application-level protection against many software attacks.

Learn About Application Shielding

Thwart Fraud with Runtime App Self-Protection (RASP)

Enable your mobile app to detect risks on users’ devices, such network attacks, interference from other apps, etc., and then take specific remediation, such as forcing a password reset, shutting down the app, etc., based on pre-configured settings.

Learn About RASP
“We evaluated both security detection capabilities as well as operational deployment ones. We conducted advanced testing and determined that Zimperium’s approach was the most comprehensive and best aligned with our needs. We were very impressed with Zimperium’s technology and wonder how they do what none of their other competitors can do.”

– Vice President of Enterprise Security, Global Technology Retailer