Appdome boosts fraud detection with new geo-compliance features
Appdome announced it has improved its Geo-Fraud Detection service with the addition of Geo-Location Fencing and Geo DeSync Attack Detection.
These enhancements aim to help mobile app developers and enterprises eliminate location-based fraud and ensure geo-compliance.
According to the company, geo-fencing is crucial for finance apps and other regulated industries that need to meet compliance mandates such as the US Federal Financial Institutions Examination Council (FFIEC), EU General Data Protection Regulation (GDPR), and the Monetary Authority of Singapore (MAS) requirements. This feature allows developers to restrict or limit app access on a country or regional level, ensuring operations are compliant with local laws.
A Geo Desync Attack involves creating mismatches in location data on a mobile device. This manipulation of GPS coordinates, time zone settings, and accelerometer readings can deceive location-based services and security systems, leading to unauthorised access and potential security breaches.
Eric Newcomer, CTO and Principal Analyst at Intellyx, highlighted the importance of detecting geo-related fraud in today's mobile app economy. "Attackers are increasingly using location spoofing to avoid compliance," he said. "Mobile apps rely on accurate location for their services and are increasingly required to confirm device location to maintain trust." He noted that Appdome's mobile Geo Compliance service simplifies the implementation of advanced geo-compliance security features for developers.
Unlike traditional geo-compliance offerings that depend on proprietary and costly geo-service networks, Appdome's solution focuses on safeguarding the mobile device's built-in location services, ensuring they are not tampered with. This approach negates the need for third-party networks, SDKs, complex server-based implementations, and third-party monthly usage fees, making the system effective even without network connectivity.
"Offering a broad range of mobile Geo Compliance features under a single pane of glass with other security and anti-fraud defenses is a game changer," said Tom Tovar, co-creator and CEO of Appdome. "These added Geo-Fraud defenses showcase how the Appdome platform is uniquely extensible, allowing brands, developers, and enterprises to achieve multiple mobile app defense objectives simultaneously in the same automated workflow."
The Appdome Mobile Geo-Compliance solution is designed to counter various forms of location-based fraud, such as fake locations, fake GPS apps, fraudulent locations, VPN detection, no SIM (fake devices), teleportation, Geo DeSync, and other attacks. Developers can select the required Geo-Compliance features for their Android and iOS apps and initiate the build command from CI/CD or using the Appdome Platforms Build My App button. Appdome's patented technology leverages machine learning to integrate the defenses into each application.
Chris Roeckl, Chief Product Officer of Appdome, remarked on the evolution of their geo-fraud solution. "Compliance was the early driver for our geo-fraud solution, but now there's so much more customers are getting out of it," he stated. "Stopping location-fraud and ensuring valid, real location in mobile applications is universal across every Android and iOS app, whether it's a streaming, dating, restaurant, retail, gig economy or other app. True location is what we deliver in these mobile apps."
The Appdome Geo-Compliance solution offers multiple enforcement modes, including advanced telemetry and customised responses or workflows when geo-compliance threats are detected. It also provides monitoring of geo-fraud attacks via the Appdome ThreatScope Mobile XDR, either before or after the deployment of geo-location defenses through the Appdome platform.
The full Appdome Mobile Geo-Compliance solution is set to be showcased at Black Hat USA from August 3-8, 2024, in booth #1350.