Verimatrix App Shield: How safe is your app?
Posted on Sep 24, 2021 by Verity Butler
Verimatrix App Shield may be the answer to video apps being everywhere – with hackers ready to take advantage of them. Is your protection up to the challenge?
In the middle of the night, someone in a black turtleneck crowbars his way into your office, smashes open the filing cabinets and steals a boxload of confidential information. Next morning, you are left sweeping up broken glass and facing the end of your business. Ah, the good old days. But for companies today, threats are far more sophisticated, more damaging and more difficult to detect.
For most of the world, mobile devices are the primary source of media. In fact, many content platforms will lead with their mobile app as the major conduit for connecting their audience to content. An app provides them with ease of use and the ability to watch or interact any time, giving the content provider a wealth of audience data to use for improving engagement, developing new business and enhancing advertising. It’s also, all too often, an open window for criminals to wreck a media business.
Content protection and piracy prevention have been a priority for major rights holders, and while great strides have been made, there is a bigger digital security picture that is often still neglected.
“You can’t protect all that valuable content if you focus only on point of origin. You have to safeguard the whole app ecosystem,” warns Neal Michie, director of product management at digital security provider, Verimatrix. “Protect the ecosystem down to the end point, you protect the users, you protect the content, and you protect all the businesses that are part of that ecosystem.”
Verimatrix recently conducted a research project in which they received permission to examine 15 media apps on Google Play store, all from major content providers. Mimicking what a potential hacker would do, they probed the apps to uncover vulnerabilities. “It’s the cyber equivalent of staking out the bank before you rob it,” says Michie. The Verimatrix team then rated the security of these well-known apps from A to E.
The results were almost entirely D ratings, with a couple managing to get a C, and others falling down to E. Most of the apps had been protected with easily procured – free of charge – open-source solutions, making them easy to crack.
The end result could be a CEO sitting in front of a government watchdog, trying to explain why their teams didn't protect customer
“Business people often haven’t explained to their developers how important security is – and why they need to protect IP and customer data,” adds Jon Samsel, Verimatrix SVP of global marketing. “And on the other side, developers may not want to spend the extra money or time that’s required. A lot of companies need to start this conversation.”
Inadequately protected apps are vulnerable to all sorts of attacks beyond simple content piracy. One type of activity becoming more popular with hackers is the creation of spoof content. These might be presented as “free”, or local versions of paid apps, made available in the same app stores as the authentic versions. Even if these are only active for a few weeks before being taken down, they can still harvest huge, damaging quantities of personal data, including credit card information. The end result for a business could be a CEO sitting in front of a government watchdog, trying to explain why their teams didn’t adequately protect customers.
Layers of protection
The entertainment industry, including major studios, is starting to become aware of the need to not only close the vulnerabilities in the way digital security is approached in-house, but create standards and benchmarks that vendors all along the content chain can look towards.
Ease of access to tools that are more robust than flimsy, open-source protections is also going to be essential as we move forward. Verimatrix offers a number of very sophisticated toolkits, allowing developers to instal multiple layers of app protection – but some developers may not have the budget or need for all that digital armament. As a result, tools like the Verimatrix App Shield – which is provided as an automated SaaS solution for protecting apps – are becoming more useful.
“The criminals hacking the apps are looking for return on investment,” says Michie. “Anything you can do to add additional time and cost is going to eat into their profit margin – and they’ll go to work on your less well-protected competitor instead.”
This article first featured in the Autumn 2021 issue of FEED magazine.