It’s No Accident – Mobile Money and Mobile Malware Set to Go Big in 2011

There’s a killing to be made. The battlefield is your phone, and you’re about to feel a sharp pain in your assets as credit card companies and crooks calculate ways to help relieve you of your cash.

Last week the cell phone industry held its Mobile World Congress in Barcelona, and companies looking to provide mobile spending solutions were very present. Perhaps most notably was Visa, who announced they will roll out their PayWave solution in phones this year by providing users with a microSD (for iPhones this will be via a unique ‘skin’) to transform their phones into a credit card/debit cards instead of waiting for Near Field Communication (NFC) to be built into the handsets. (See explanation of NCF at the end of the article)

The revenue potential of turning phones into payment tools for financial institutions is enormous. And the convenience factor for consumers is clear cut – the need for carrying cash or credit cards disappears, and whole new application scenarios are enabled. So what does this have to do with mobile crime?

Follow the money. The same factors that make a favorable climate for great strides in legitimate mobile commerce make a favorable climate for crime.

As the popularity of smartphones skyrockets, smartphone functionality increases, the number of mobile banking, ecommerce, and transaction platforms expand, the number of mobile access points explodes, and the sophistication of criminals grows, we are approaching perfect storm conditions. Here’s how both the good guys and the bad guys look at the landscape:

  1. Size of opportunity: The number of Cell phones worldwide hit 4.6 Billion this month according to the U.N. telecommunications agency. Today 500 million of these phones are smartphones that enable the rich features companies and crooks need, and this number is expected to exceed 1 billion smartphones by 2013 according to the latest forecasts from Informa Telecoms & Media.  As a point of comparison, there are about 2 Billion computers out there, most running the Windows OS.
  2. Cost of investment drops: As industry pressures condense the number of mobile platforms, like RIM, Android and iPhone, developers and hackers alike can better leverage their code to target millions/billions of users with the same services (and exploits) setting the stage for a high return on investment.
  3. Risk:
    1. From financial corporations view: Credit card companies and other financial institutions believe they have mitigated the risks inherent in contactless payment systems. Indeed, Visa claims their PayWave system will in fact be safer than using traditional credit cards because their chip creates a unique authentication code for each transaction while never providing retailers with your credit card number. Challenging that claim, security expert and uber white hat hacker Karsten Nohl told CNET that NFC payments still have their security weaknesses and that the technology may need a bit more time to be completely safe.Whatever the case, these companies have long experience earning plenty of money even when crime takes a bite out of their revenues. But they only have to cover one piece of the pain; consumers have to pick up the time and cost of cleaning up their accounts and financial reputations.
    2. From organized crime’s view: With their successful tactics in phishing, farming, scamming and spamming constantly being honed, consumers using insecure WiFi networks,  security gaps in both service’s and in platform’s code to exploit, antiquated or non-existent laws, police forces woefully understaffed, and careless consumers hell-bent on convenience, what’s not to like? Now add into the mix that phones are essentially wallets and everyone wants to be a pickpocket. The business case for investing mobile malware has finally been made.  Learn more in my blog McAfee Threat Predictions for 2011 – Mobile: Usage is rising in the workplace, and so will attacks, that looks at the historically fragile cellular infrastructure and slow strides toward encryption. McAfee Labs predicts that 2011 will bring a rapid escalation of attacks and threats to mobile devices, putting user and corporate data at very high risk.

What this means for Consumers – Defend Your Phone!

Security companies have scrambled to provide mobile security software solutions, and if you have a smart phone, it’s time to purchase a mobile security suite.

TopTenReviews has created an excellent mobile security software comparison chart for consumers that I recommend.

Key features in these programs include antivirus protection, a firewall preventing unauthorized electronic access, antispam, and quarantine protection in real time.

Based on your phone usage patterns, the type of content you store on your phone, or if you’re helping protect a minor’s phone, some additional features may be of interest:

  • Remote block and remote wipe to protect your information if your phone is lost or stolen.
  • Protection of internal memory and contents stored on memory cards
  • Ability to place phone numbers on either a black or white list – the ability to block people from calling is of keen interest to teens, and a key tool in blocking cyberbullies.
  • Parental control monitoring
  • SIM Card notice so that if your phone is stolen and the thief puts in a new SIM card, the phone will send you a notice of the new phone number to help track down the thief.

There are still far too few consumers that adequately protect their computers – news out this week from Panda Security found 50% of computers worldwide are infected with some form of malware– and this is a real safety, security and privacy issue. (If your computer is not protected

Now, add your cell phone to the must protect list, or you’ll find that if it isn’t protected…. it will be infected.  Get security software and install it today.

Welcome to another year of living dangerously. For more information about other mobile phone risks and tips, see my blog Using Mobile Phones Safely.


What is NFC? You’ll come to hear the term Near Field Communication (NFC) often in the coming year as ‘swipe’ technology becomes more pervasive. It’s a set of short-range wireless technologies that allow either one- or two-way exchanges of information (think RFID on steroids).  The demand for this functionality is high; both iPhone5 and new Android models will include NCF, and 70 million NCF enabled smartphones are expected to be sold this year.


Comments are closed.

%d bloggers like this: