Detect eavesdropping in your mobile app with TrustKit
|Christian Hargrave in Security Wednesday, July 11, 2018|
Detect and prevent eavesdropping with TrustKit Analytics mobile application security tool developed by Data Theorem.
Data Theorem, Inc. announced the availability of TrustKit Analytics, a new service for the TrustKit community that delivers advanced security insights. In addition, the company announced that since TrustKit’s release in 2015, it has identified more than 100 million eavesdropping attempts on iOS and Android applications, where apps in active mode have blocked 100 percent of those attempts. TrustKit is furthering anti-eavesdropping as a new standard in mobile application security.
Leveraging SSL Pinning, TrustKit enables mobile apps to provide comprehensive protection for the transmission of data. While SSL pinning has existed as a concept, their free open-source software development kit (SDK) is increasing the ease of equipping mobile applications with SSL pinning, enabling them to encrypt all communications, actively stop eavesdropping and block SSL man-in-the-middle (MiTM) attacks. This helps ensure user privacy, maintain data integrity, stop unauthorized spyware, and block unknown attackers from stealing user identity.
“TrustKit’s rapid growth and adoption represent an inflection point for mobile application security that benefits the privacy of user communication,” said Alban Diquet, Data Theorem Head of Engineering and author of TrustKit. “We owe it to our community for their adoption and work with us, which has allowed our new analytics service to deliver unique security insights to help customers understand how their applications are being violated from a privacy standpoint. Through this effort with our community, customers can develop mobile applications to be more secure with mobile than their web browser equivalent applications.”
TrustKit Analytics is a new and free service for their SDK users, delivering global visualization (geotagging) of the locations with the most eavesdropping attempts. The analytics service shows what percentage of eavesdropping attempts were actively blocked versus passively monitored, and whether the attempts came from end user device spyware, insecure public Wi-Fi, or corporate employer network monitoring. TrustKit Analytics also provides an easy path for customers to avoid irreversible downtime by setting up alerts to prevent malicious domain forging of SSL certificates and early detection of pinning misconfigurations. These alerts help customers avoid embarrassing mistakes and the loss of business due to avoidable downtime.
SSL pinning is a security capability that developers can leverage to prevent eavesdropping (MiTM) from occurring on data that transfers to and from their mobile apps by ensuring the client checks the server-side certificate against a known copy of that certificate. While the concept is well known, it has traditionally been difficult and time-consuming to implement, since it requires both significant operational and code-level changes. TrustKit facilitates code-level implementation to a "matter of minutes" by providing “drag and drop” SSL public key pinning. Whenever an eavesdropping attempt occurs, the TrustKit SDK within the application sends a notification report back to Data Theorem for the delivery of rich analytics, visualizations, and alerts of malicious attacks and potential downtime.