Two-year-old MTailor has garnered millions in sales for its custom-made shirts, all via its app.
The viaProtect app analyzes the activities, connections and data sources of all apps on a consumer’s mobile device, generating easy-to-understand reports in the app’s dashboard and an overall risk indicator. The app is from viaForensics, a mobile security firm whose clients include four of the five largest financial institutions in the U.S., the company says.
Would you invite 33 strangers into your home, where you store all sorts of private materials, and then kick back and watch TV while they wander about? No? Well, odds are pretty good that you already have.
The average U.S. smartphone user has 33 apps on her device, Google reports. The average U.S. smartphone user also has a lot of personal information on her device. And it’s a very safe bet she has absolutely no idea what those 33 apps are up to, where they link to, whether they use encryption or whether they are “leaking” data.
“You have no idea what is happening on your mobile device today; and what’s more, there are many ‘leaky apps’ out there, apps that unintentionally leave open to eavesdroppers your user names, passwords and credit card information,” says Chee-Young Kim, president and co-founder of viaForensics LLC, a five-year-old company that specializes exclusively in mobile security. “Our new viaProtect app scours your phone or tablet, all your apps, and processes information on those apps in a dashboard. You are shown a risk indicator, and then can drill down from there to learn much more.”
For a simple example, Kim says the risk indicator on her iPhone was “Low” until Apple Inc. recently came out with a critical security patch for its iOS 7 mobile operating system. The risk indicator then spiked to “High” until she downloaded the patch.
But the viaProtect app digs far deeper than that. It lets a consumer know the countries an app is sending data to or gathering data from, the Internet Protocol (IP) addresses to which an app links, whether an app leaves user data “in the clear” where eavesdroppers or hackers can gain access, and more. The app gathers mobile forensic, system, network, security and sensor data from devices, then uses statistical analysis and risk indicators to detect suspicious events or behavior. This means that an app can be constantly monitored to predict potential risks or problems, rather than just checking for known malicious apps, the company says.
Users of the new viaProtect app will:
- Get a device risk rating, a simple score that lets them know if their information is safe.
- Learn how phones and tablets are sending data, including what data is sent insecurely.
- Discover exactly where their data is being sent.
- Be informed of risky device modifications.
- Be alerted about leaky and insecure apps.
“We believe that everyone is entitled to protection from threats like identity theft and loss of privacy,” says viaForensics CEO and co-founder Andrew Hoog. “ViaProtect uses the same technology that our enterprise customers rely on to protect mission-critical data. It’s a more sophisticated approach for a world that is becoming more mobile by the day and one that an informed consumer will want.”
ViaForensics is offering the viaProtect app free to consumers with the hope that consumers value the app so highly they tell the companies for which they work about the technology and the companies turn to viaForensics for their mobile security work. ViaForensics offers an enterprise version of its security monitoring and risk assessment tools that is aimed at larger companies with thousands of employees who use their own personal mobile devices for both business and personal purposes combined (what is called BYOD, or Bring Your Own Device). For example, a consumer may check work e-mail and perform personal mobile banking on the same smartphone. ViaForensics declined to reveal the cost of its enterprise services.
ViaForensics has made quite a bit of progress in five short years: The company says four of the five largest financial institutions in the U.S. use viaForensics technology for mobile security. It says because it’s a security company it usually cannot reveal the names of its clients, but it can reveal that financial technology firm Shazam Bolt$ and the mobile payments firm Paydiant Inc. are clients.
ViaProtect was built to support both Apple iOS mobile devices and smartphones and tablets running Google Inc.’s Android platform. Since iOS is less vulnerable to virus attacks than any other mobile platform, it has historically been underserved by mobile security solutions, viaForensics says. However, leaky apps are just as common on iOS as Android, making a tool like viaProtect useful for either platform, the company says.