- The smartwatch with the best battery life I've tested is also one of the cheapest
- One of the most immersive portable speakers I've tested is not made by Sony or Bose
- US Voters Urged to Use Official Sources for Election Information
- The best foldable phones of 2024: Expert tested and reviewed
- Redefining customer experience: How AI is revolutionizing Mastercard
Lockin Company’s Approach to Zero Trust Security and Rising Phishing Threats with its security software LIAPP, LIKEY, and LISS
LIAPP (Lockin App Protector) is an integrated mobile app security service developed by Lockin Company, a Korean-based security company dedicated to mobile apps protection, that protects over 2,000 apps worldwide.
LIAPP offers a SaaS model, allowing app developers or security managers to register and secure their apps through the LIAPP dashboard without needing to set up a separate on-premises server. It also supports auto-signing for distribution to the Google Play Store.
To uphold the important value of Zero Trust Security, LIAPP provides a two-factor authentication feature.
- One is the two-factor authentication for the LIAPP dashboard login, designed for app administrators and developers. The LIAPP dashboard allows real-time monitoring of detected threats and provides the ability to change security options in real-time. LIAPP users, including app administrators and developers, can conveniently manage everything from a single dashboard. To ensure the security of this dashboard, LIAPP enforces strict login measures. LIAPP strongly recommends users to enable two-factor authentication when logging into the dashboard, requiring them to complete the authentication process after entering their email address and password.
- The other two-factor authentication is included as a feature of LIAPP’s app security. This feature, called LIAPP AUTH (LIAPP AUTHENTICATION), is one of LIAPP’s powerful tools that focuses on Zero Trust Security, where no one is trusted by default. LIAPP AUTH is designed to prevent threats to a direct access to app server without going through the app itself or attempts to bypass LIAPP security. LIAPP reassesses all connections to the app server and checks every access to the app and evaluates whether it successfully passes the security checks or attempts to bypass them. If an app service implements LIAPP AUTH, it can further strengthen its protection by adding another layer of security to the app’s protection, detection features, and server access, ensuring comprehensive protection for the app.
We’d like to introduce LIAPP’s top security feature, an automatic threat user block. This feature blocks automatically the access to users who pose a threat to the app. The app administrator can decide a specific period to block the access based on the number of threats detected. After this period ends, access is automatically restored. Depending on the app’s operation policy, administrators can freely adjust the threat detection count and the blocking period. The best part is that there’s no need to apply LIAPP again or redistribute the app to the Google Playstore or Appstore after the adjustment is done.
Lockin Company’s proprietary security keypad for mobile apps, LIKEY, also adheres to Zero Trust Security principles. Financial tech apps, such as mobile banking, cryptocurrency exchange platforms, and e-wallets, require users to enter a PIN or an ID and password when logging in. Behind this input, values are encrypted key values. However, if the same logic is used across different secure keypads or if the server handling these encrypted key values is exposed, it can lead to a significant security breach across different services using the same secure keypad.
LIKEY generates one-time data that cannot be decrypted each time a user inputs a value on the keypad, transmitting it to the server. The encrypted data is randomly generated each time, ensuring strong security by producing different data even when the same input is provided. Unlike standard secure keypads, which can be vulnerable to hacking techniques like hooking or keylogging, LIKEY prevents the exposure of original data by creating new data every time a password is entered.
Additionally, each company or project is issued a unique label (salt), so even if one client’s label is exposed, it doesn’t compromise the encrypted values of other companies, allowing for the establishment of independent security systems for each business.
LISS, another proprietary development by Lockin Company, is a powerful remote-control apps detection and screen protection service designed to counter the increasing phishing threats. When a phishing message arrives, malicious URLs are delivered together. The owner of device inadvertently or unconsciously clicks the URL then remote-control apps can be installed on the user’s device. Apps protected by LISS can immediately detect these remote-control apps, showing a black screen to the remote controller, thereby instantly blocking the sharing of personal information. LISS sends a notification to the app user, informing them that a remote-control app has been detected, enabling the user to be immediately aware of the threat.
In today’s world, where you can perform banking tasks without visiting a bank and control everything through apps with IoT and mobile app integration, security is no longer an option but a necessity. With Lockin Company’s security services, mobile apps can be powerfully protected. Learn more about Lockin Company solutions at https://liapp.lockincomp.com/
About the Author
Gary Miliefsky is the publisher of Cyber Defense Magazine and a renowned cybersecurity expert, entrepreneur, and keynote speaker. As the founder and CEO of Cyber Defense Media Group, he has significantly influenced the cybersecurity landscape. With decades of experience, Gary is a founding member of the U.S. Department of Homeland Security, a National Information Security Group member, and an active adviser to government and private sector organizations. His insights have been featured in Forbes, CNBC, and The Wall Street Journal, as well as on CNN, Fox News, ABC, NBC, and international media outlets, making him a trusted authority on advanced cyber threats and innovative defense strategies. Gary’s dedication to cybersecurity extends to educating the public, operating a scholarship program for young women in cybersecurity, and investing in and developing cutting-edge technologies to protect against evolving cyber risks.