Get A Free Trial

Mobile Solution - FAQ

SecureChannel Mobile Security Solution provides very strong protection against all threats. It is just a plug-in. It can be integrated in hours and has no dependencies on the host application..

How SecureChannel protects from any phishing attempts?

All authentication data are virtualized using mobile time based encryption key. This dynamic key is not available anywhere. To phish authentication data one has to decrypt virtualized data, which is practically impossible without having the key.

How SecureChannel protects from any man-in-middle attack by framework like Magikdisk, Frida, Busybox, etc.?

  1. Authentication data can't be extracted from stolen data because it is dynamically encrypted.
  2. The dynamic VPN functionality prevents using of stolen data from any other device.
  3. Stolen data have to be presented to the server from the originating device before application submits it, within few seconds. This is virtually impossible.

How SecureChannel protects from any phishing and use of stolen business data or modification to payload data?

Similar to the virtualization of authentication data, even business data is visualized, the SecureChannel server can process only virtualized data. On processing, the real data is handed over to host application for further processing. Virtualized image is one-time use, with a very short life. This makes either phishing or use of phishing data impossible.

Can extract SecureChannel component and use?

Only licensed and registered component can be used. Unregistered component does not carry out virtualization.

Why SecureChannel plug-in can not be cracked?

  1. SecureChannel plug-in is written in C++. It has dynamic code using dynamic data.
  2. It is not practical to retrace source code from millions of lines of assembly code. It may take decades to retrace.
  3. Any new release of Secure Channel plug-in will be redundant all the effort of retracing. Typically, there will be at least one new release with each new release of phone OS.
  4. To retrace the code one has to test hundreds of thousands times.
  5. Since virtual signature of the application won't match, the app will shuts down during testing. Also device, user, and IP address will be locked at the server level.
  6. Thus, a hacker will require hundreds of thousands of smart phones, hundreds of thousands of user accounts and hundreds of thousands of networks to try.
  7. The hacker will rather put efforts hacking applications which are not secured.

How SecureChannel protects from attack on rooted device?

On a rooted device, either data can be stolen or application can be changed,

  1. If the application is changed, then virtual signature of the application won't match, This shuts down the app. Also device, user, and IP address are locked at the server level.
  2. Please see the answer of the previous question to MIM related question to see how data is protected.

Why SecureChannel app signature can't be broken?

SecureChannel Virtual Signature is based on relative internal properties of running application. These properties can be obtained only by dynamic cracking. This is impossible to do. Any attempt of dynamic cracking shuts down the phone.

What if SecureChannel is bypassed in mobile app code?

The SecureChannel specific payload is submitted to serve as part existing payload. On the server side the first call is made to the SecureChannel API. If the API does not receive the required data then it rejects the request.

What’s the impact on integrations with mobile features?

There is ZERO impact at all. SecureChannel does not require any change in your existing logic, data, checks, communication, GUI, etc. It has no dependency on the base application or any other third-party applications/code.

What changes have to be carried out in host application?

There is ZERO change. SecureChannel is a host application independent solution.

Does SecureChannel support hybrid, native, web application?

SecureChannel just produces a json package which should be passed to serve as part of your existing payload. It is up to the application how it passes payload to the server. Thus, it is application type independent.

How Identify and Access Management handled in SecureChannel?

SecureChannel web based cockpit provides extensive identity and access management of users. But, in most cases, explicit management is not required, as the system automatically takes care of most of these activities.

How complex is server installation and customization?

SecureChannel service is available as a platform based service, Thus, these activities are taken care by Cybernet team. In case of in-premises installation, server installation requires just creating DB objects and deploying an EAR file. The customization is very simple. It is a matter of clicking few checkboxes. ZERO programming is required.

What all are supported server platforms?

Currently, SecureChannel offers client component for server side integration in Java, .NET, PHP, node.js, Python, and Ruby. Cybernet can provide component in other languages on request.

Get in touch with us



    COPYRIGHT 2018- CYBERNET SECURITY SOLUTIONS LLP.
    India: B-803 Windsor Avenue, Wanowadi, Pune-411022.
    USA: 1280 West Peachtree St., Atlanta, GA 30309
    Development Center: 2nd Floor , Nitron Classic, St. Patrick Town, Hadapsar, Pune-410013
    linkedin facebook pinterest youtube rss twitter instagram facebook-blank rss-blank linkedin-blank pinterest youtube twitter instagram