How IBM Trusteer Mobile SDK works
Proactively detect high-risk access
Protect your mobile app from financial malware. IBM Trusteer Mobile SDK combines a set of robust fraud protection capabilities designed to maintain the integrity of the banking application in which it has been embedded. By leveraging real-time risk detection, SDK allows organizations to streamline the overall risk assessment.
Detect rooted/jailbroken devices
Jailbroken iOS or rooted Android devices can be good indicators of high-risk behavior or potential anomalies as they can allow for easier malware installation. Trusteer Mobile SDK contains a Root/Jailbreak detection capability that helps determine whether a modified version of the operating system is installed on a device that is trying to connect to an online banking service. In addition, SDK offers enhanced detection of root evasion techniques, root hiders and other active hiding techniques.
Offers Certificate Pinning/SSL Pinning
Protocols that rely on certificate chain verification, such as SSL/TLS, can be vulnerable to a number of dangerous attacks, including man-in-the-middle (MitM) attacks, which occur when an unauthorized party is able to view and modify all traffic passing between the mobile device and the backend systems. IBM Trusteer Mobile SDK enables Certificate Pinning, also known as SSL Pinning or augmented certificate authority security to help detect and block such attacks.
Overlay protection and emulator detection
Overlay attacks can allow hackers to intercept information and compromise user security. IBM Trusteer Mobile SDK provides a set of APIs that natively integrate into the mobile banking app to provide real-time risk analysis and detection of overlay attacks. Additionally, and by analyzing anomalous patterns, SDK can help detect transactions originating from virtual machines or emulators and provide actionable recommendations on whether to allow, restrict or deny user or device access.
Complex device fingerprinting
IBM Trusteer Mobile SDK generates a persistent mobile device ID based on hardware and software attributes that is resilient to application reinstallation. SDK helps detects new, spoofed (proxy) and known criminal devices, and is dynamically generated by a strong and persistent mobile device ID component.
Complete view across channels
When integrated with IBM Trusteer Pinpoint Detect, Mobile SDK can correlate rich proprietary insights with global mobile carrier intelligence that provides a new account reputation score to help financial service providers detect and predict the risk of fraudulent intent during the new digital account creation process. The IBM Trusteer New Account Fraud solution helps organizations assess the risk, enabling a seamless digital account creation experience across web and mobile channels.
How customers use it