Appdome enhances geo-fraud detection with new security features
Appdome has announced enhancements to its Geo-Fraud Detection service, adding two new defenses - Geo-Location Fencing and Geo Desync Attack Detection. This development aims to further protect mobile apps from location-based fraud.
The introduction of Geo-Fencing is essential for finance apps and other regulated industries that must meet Know Your Customer (KYC) and other compliance mandates. These mandates include those set by the US Federal Financial Institutions Examination Council (FFIEC), the EU General Data Protection Regulation (GDPR), and the Monetary Authority of Singapore (MAS). Geo-Fencing allows mobile app developers to restrict or limit app access on a country or regional level, ensuring that operations comply with local laws and regulations.
Geo Desync Attack is a cyber-attack that intentionally creates mismatches in location data on a mobile device. By manipulating GPS coordinates, altering time zone settings, and falsifying accelerometer readings, attackers can deceive location-based services and security systems. This type of attack can result in inaccurate tracking, unauthorised access, and potential breaches of security protocols, undermining the integrity of location-dependent applications and services.
"Detecting geo-related fraud is a top priority in today's mobile app economy. Attackers are increasingly using location spoofing to avoid compliance, for example," said Eric Newcomer, CTO and Principal Analyst at Intellyx. "Mobile apps rely on accurate location for their services and are increasingly required to confirm device location to maintain trust. Appdome's mobile Geo Compliance service reduces developer complexity for implementing advanced geo-compliance security features."
Unlike legacy geo-compliance offerings that rely on proprietary and costly geo-service networks, the Appdome Geo Compliance solution focuses on protecting the mobile device's built-in location services. It ensures these services have not been abused or tampered with. Appdome's approach eliminates the need for third-party networks, software development kits (SDKs), complex server-based implementations, and does not require third-party monthly usage fees, allowing enforcement to work even if the device is not network-connected.
"Offering a broad range of mobile Geo Compliance features under a single pane of glass with other security and anti-fraud defenses is a game-changer," said Tom Tovar, co-creator and CEO of Appdome. "These added Geo-Fraud defenses showcase how the Appdome platform is uniquely extensible, and allows brands, developers and enterprises alike to solve multiple mobile app defense objectives simultaneously in the same automated workflow."
The Appdome Mobile Geo-Compliance solution aims to end geo-fraud by detecting fake locations, fake GPS apps, fraudulent locations, VPNs, no SIM (fake devices), teleportation, Geo Desync, and other attacks. Customers can select the required Geo-Compliance features for any Android and iOS apps and initiate the build command from Continuous Integration/Continuous Deployment (CI/CD) or using the Appdome Platform's Build My App button. Appdome's patented technology uses machine learning to code the defenses into each application, simplifying the process for mobile developers.
"Compliance was the early driver for our geo-fraud solution, but now there's so much more customers are getting out of it," said Chris Roeckl, Chief Product Officer of Appdome. "Stopping location-fraud and ensuring valid, real location in mobile applications is universal across every Android and iOS app, whether it's a streaming, dating, restaurant, retail, gig economy or other app. True location is what we deliver in these mobile apps."
The Appdome Geo-Compliance solution is available in multiple enforcement modes, including advanced telemetry and customised responses or workflows when geo-compliance threats are detected. It also monitors geo-fraud attacks via the Appdome ThreatScope Mobile Extended Detection and Response (XDR), either before or after the deployment of geo-location defenses through the Appdome platform.