Verimatrix continues to add new features to its flagship product, Extended Threat Defense (XTD). Our goal is to make it harder and harder for the bad guys to compromise apps and APIs. And we must be doing a pretty good job—with leading brands from telecommunications and e-commerce, healthcare, and insurance. 

But the one industry that’s embraced XTD the most is financial services, and banks in particular. Why is that? 

Well, as an ISO 9001 and ISO 27001-2022 certified security vendor, we walk the talk when it comes to maintaining high standards in both quality management and information security. We also build security products with features that the world’s top banking brands really appreciate. Let’s take a look at a few of them.

A targeted response to security breaches

First, there’s the Verimatrix User Identity Tag™, a standout feature within the XTD suite that acts like a unique digital fingerprint for each individual app user. This feature plays a crucial role in pinpointing compromised accounts when an app faces a security breach. 

By accurately tagging and identifying users, it allows customers to quickly trace which specific app user accounts have been affected, rather than casting a wide net. This targeted approach is especially valuable for developers working on sensitive applications, such as those in the banking or finance sectors, where precise action is essential. 

Rather than triggering mass security alerts to all users, which can cause unnecessary panic and degrade user trust, the User Identity Tag™ enables developers to focus on the accounts that are actually at risk. One of the top 3 banks in the world is a Verimatrix XTD customer, and they love this feature.

Shielding against Android app accessibility exploits

Verimatrix XTD includes a powerful feature known as the Accessibility Abuse Detector™. This tool is specifically designed to combat a growing threat where hackers exploit the Android app accessibility feature, which was originally intended to help users with disabilities but has increasingly become a target for malicious activities. 

The Accessibility Abuse Detector™ works by continuously monitoring for unusual behavior, such as unauthorized keylogging on a neo-bank app, where hackers attempt to capture keystrokes to steal sensitive information like passwords and credit card details. 

It also identifies and blocks fake overlay attacks, where deceptive screens are placed over legitimate apps to trick users into entering personal information. By catching these threats early, the Accessibility Abuse Detector™ prevents potential damage and keeps both user data and app integrity safe, providing a critical layer of security that addresses a specific vulnerability in the Android ecosystem.

Protecting against network-based threats

Network Monitoring™ is another XTD feature for mobile app security worth mentioning. It provides advanced threat detection that keeps customers, their app users, and all API data safe from sophisticated network-related attacks. 

By incorporating comprehensive DNS cache analysis, phishing site monitoring, and malware command-and-control (C2) detection, this feature provides a multi-layered defense against malicious activities targeting mobile banking apps. 

It’s particularly valuable because it identifies when apps, like a wealth management application, might unknowingly communicate with dangerous servers or fall prey to phishing attempts, which is crucial for applications that handle sensitive information like banking or personal data.

A more user-friendly threat dashboard

While not a feature per se, XTD’s revamped threat dashboard is worth a mention. We sat down with multiple customers and watched them perform common user tasks within the XTD platform. 

Often times, the paths to protect apps and detect or respond to threats were clear and straightforward. Other times, customers asked things like, “How can I do X?” or “It would be great if I could do that.” 

The outcome? We decided to replace our numbers-based risk output, replacing it with four simple categories: Informational, Low, Suspicious, and High. 

Similar to a traffic light system for security threats. Each level comes with a clear explanation and advice on how to fix the problem. This means development teams can spot and respond to threat signals faster.

These XTD features provide banking developers (and frankly, developers working in any business sector) the professional security tools they need to assemble secure apps that users can trust. 

Another benefit: these features help our customers address the OWASP Top 10 Mobile App threats, which is an added benefit of using XTD.

XTD brings peace of mind for app developers

Verimatrix XTD has many more features and differentiators that we could talk about, such as our flexible deployment options, seamless CI/CD and SIEM integrations, and whitebox cryptography tools, but let’s leave those to another blog post.

We believe our latest XTD enhancements help provide our customers with the peace of mind they deserve. Our mission is to empower developers with top-tier app and API security solutions, equipping them to stay ahead of evolving cyber threats. 

By offering adaptable and easy-to-use tools, we ensure that they’re always ready to tackle whatever new attack methods cybercriminals might throw their way.