Securing citizens data with the Kaspersky Mobile Security SDK

European citizens will soon be equipped with a mobile application that will empower them to take charge of the security and privacy of their data. This will happen through interaction with the TRAPEZE Dashboard via personal smartphones or tablets running Android or iOS operating systems. The application will be protected with the features included in the Kaspersky Mobile Security SDK (KMS-SDK), a multi-layered security framework for building online protection directly into the app, quickly and effectively. The citizens’ valuable data will be secured against known and emerging threats and the app will notify citizens of access to malicious and phishing websites, ensuring the safety of online communications.

Following the ‘Secure by design’ principle, the TRAPEZE Dashboard mobile app will be foundationally secure. The protection, able to thwart an overwhelming majority of attack vectors against mobile devices and data, will be implemented through the KMS-SDK five-step approach for securing mobile applications:

  1. Assess the device – Risky device settings or rooted devices can simplify successful attacks and data exfiltration. Furthermore, on Android devices, some applications can be recognized as malicious based on their behaviour or reputation. KMS-SDK detects and mitigates the danger.
  2. Protect the device –  The Android version of the TRAPEZE Dashboard will be protected through the ‘classic’ Kaspersky anti-malware tool designed to prevent malware from infecting the device, including a scanning that will notify the citizen if a malware attempts to exploit his/her device.
  3. Secure the connection – The data exchange between the citizen’s device and remote web resources needs to remain secure at all times. Both Android and iOS versions of the TRAPEZE Dashboard will include KMS-SDK measures like the DNS spoofing checker, the certificate validator, the Wi-Fi safety analysis, and the website reputation analysis.
  4. Secure the data – When citizens need to input or store important information using the TRAPEZE Dashboard app, the KMS-SDK secure input and secure storage features will prevent data interception by fraudsters.
  5. Protect the application – The KMS-SDK Self-Defence features provide facilities that protect the Android version of the TRAPEZE Dashboard mobile application from exploitation by third parties. The self-defence mechanisms provide for verification of the application’s digital signature, and to detect debugging and attempts to replace the method operations with malicious code.
KMS-SDK Five Step approach for mobile apps security.
Figure: KMS-SDK Five Step approach for mobile apps security.

KMS-SDK is fully integrated with Kaspersky Security Network (KSN), a complex distributed infrastructure dedicated to process cybersecurity-related data streams to deliver the Kaspersky security intelligence to every citizen who is connected to the Internet, ensuring the quickest reaction times, lowest false positive rate and maintaining the highest level of protection. KSN integration complements conventional security techniques for malware and threat detection, so that the TRAPEZE Dashboard mobile app end-users are protected from the latest mobile attacks.

For more details, see also the deliverable Securing citizens smart terminals and online communication – First version

by Amedeo D’Arcangelo