The advance of the Internet of Things (IoT)
Ten years ago, web security vendors mostly had to worry about dealing with traffic coming from web browsers, simply because mobile app traffic was not as dominant as it is today. But as new and more powerful mobile phones and tablets came out, the traffic shifted a lot more into the mobile world. In some countries like India, users have their first experience with the Internet from a mobile device. In response, web security vendors adapted to the mobile trend by offering SDK to help integrate with mobile applications. But the evolution did not stop there: along the way, more and more “things” became connected to the Internet, such as smart TVs, DVD / Blueray players, game consoles, watches, picture frames, baby monitors, cameras, printers, you name it… All these devices have one thing in common, they allow the user to login to cloud services to manage the content.
The IoT challenge for web security vendors
So, what’s the big deal? Well, the login API these “things” connect to are regularly attacked by fraudsters and when one of these accounts is taken over, the attacker can gain access to a huge amount of personal information, which may have a devastating effect on the account owner.
Arkose Lab’s approach to fraud detection with the IoT