Mobile ID Fraud 2010

Identity theft and fraud has gained a foothold on the fixed internet as well as areas of hard copy information. Visiongain believes that this will migrate onto the mobile platform.

Key players in the mobile industry involved in mobile content, the mobile web and protecting mobile subscribers need to gain a thorough understanding of a crime that is continuously evolving and will migrate onto the mobile platform. The mobile phone has become intrinsically linked with the mobile web and as such has heightened the security risks associated with identity fraud.

Traditional mobile content, such as voice and SMS messaging are not immune from this threat. While ID fraud in general is believed to be falling visiongain believes that its presence on the mobile phone will grow, and the mobile industry will need to be aware of the dangers presented to themselves and their subscribers.

The next generation of mobile subscribers will have a stronger presence on the mobile web, and the next generation of mobile phones will be devices that have the potential to store ever higher amounts of data and information that will be at risk from identity fraudsters.

The mobile web is at risk of being stifled through poor user experience suffered from identity fraud on the mobile web as well as through traditional mobile content. Protection for mobile subscribers will need to be given in order to encourage growth of the mobile platform.

Why you need to order this report today

• Mobile Operators - Gain an insight as to what issues regarding ID fraud can be tackled by the mobile operator and how this will benefit the operator in the market. Discover the risks to the mobile network from ID fraud and how these risks can be best prevented.
• Mobile handset vendors - Discover what issues on the handset directly affect mobile ID fraud and how these can be best dealt with while remaining competitive in the mobile market. Learn what role mobile handset vendors possess in the mobile market in tackling ID fraud and the opportunities that this presents.
• Mobile content providers - Learn what subscribers need to protect themselves from ID fraud and what affect ID fraud can have on the mobile web content market.
• Mobile security strategists - Discover the priorities in defending the mobile industry from ID fraud and what has been seen in the market. Discover what opportunities exist in the mobile market for security against ID fraud.

Who needs to read this report?

Directors, VP and Senior managers in:
• Mobile/Cellular carriers and operators
• Mobile handset manufacturers
• Brands looking to protect their mobile content
• Brands and strategists looking to protect mobile subscribers


Report Highlights
Companies Listed
3 Networks
ABN Amro
Adaptive Mobile
Alliance and Leicester
Android
Anti-Phishing Working Group
Apple Inc
AT&T
Bango
BBC
Blackberry
Blyk
Bullguard
Cellular News
CGAP
China Mobile
CIFAS
CNN
Commbank
DoCoMo
Ericsson
Esmertec
Facebook
Foursquare
Fujitsu
Getjar
Google
GSMA
Halifax
Hewlett Packard
Home Office
HSBC
HTC
Iometer
Kaspersky
Kenya Equity Bank
Linux
Lotus
M86 security
McAfee
mConfirm
Microsoft
M-Kesho
Mobixie
Motorola
M-Pesa
MSN Money
Myspace
Natwest
Netsize
Newport Networks
Newport Networks
Nokia
Norton Antivirus
O2
Orange
Panda Security
Paypal
RIM
Samsung
Security Systems
Skype
Sony
SophosLabs
Sprint Nextel
Suntrust
Supercover Insurance
Symantec
Symantec
Symbian
Telefonica
Texas Instruments
The Open Handset Alliance
T-Mobile
Toshiba
Trend Micro
Twitter
Unisys
Verizon
Visa
Vodafone
World Bank
Xssist
Yahoo!
YouGov
[Fade out the market survey infos]

Chapter 1: Executive Summary
1.2 Identity theft and fraud
1.3 Identity fraud on the mobile
1.4 The focus of this report

Chapter 2: ID Fraud
2.1.1 ID theft
2.1.2 Account takeover
2.1.3 Phishing
Fig 2.1 – Phishing targets for week ending May 30th 2010
Fig 2.2 – Phishing sources by country for week ending May 30th 2010
Fig 2.3 – Phishing sources by continent for week ending May 30th 2010
2.1.4 Pharming
2.1.5 SMiShing
2.1.6 Tabnapping
2.2 The rock phish toolkit
2.3 Avalanche
Fig 2.4 – Avalanche attacks
2.4 Corporate ID fraud
2.5 Mobile banking applications
2.6 Wi-Fi security
2.7 Evil twin networks
2.8 Wireless network encryption technologies
2.9 WPA and WPA2
2.10 Wi-Fi ‘piggybacking’
2.11 Biometric authentication
2.12 Mobile cloning
2.13 LTE/4G security issues
2.14 The effect of the 2009 recession
Table 2.1 – Fraud type changes: 2008 - 2009
2.15 Loss of the mobile handset
2.16 The GSMA IMEI database
2.17 Mobile device recycling
2.18 Loss of mobile data control
2.19 Insurance fraud
2.20 Global trends
2.20.1 The US
2.20.2 Europe
2.20.3 Asia
2.21 Cost of ID fraud
2.22 Legislation
2.23 ID fraud prevention
2.24 Chapter conclusions

Chapter 3: Mobile Handsets
3.1 Mobile handset security
3.2 Handset risks
3.2.2 Smartphones
3.2.2.1 RIM Blackberry
Fig 3.1 RIM Blackberry enterprise solution
Fig 3.2 End to end enterprise solution
Fig 3.3 RIM Blackberry encryption process
3.2.2.2 Apple iPhone
3.2.2.3 Android smartphones
Fig 3.4 – Android security architecture
3.3 ID fraud through smartphone viruses
3.3.1 Mobile malware
3.3.2 Mobile viruses
3.4 Vulnerabilities on handsets
3.4.1 Bluetooth
3.4.2 NFC
3.4.3 Shoulder surfing
3.4.4 Handset recycling

Chapter 4: Mobile Operators
4.1 Fraudulent mobile accounts
4.1.1 Data sharing
4.1.1.1 IMEI database
4.1.1.2 Shared blacklist
4.1.1.3 Point of sale co-operation
4.1.2 Real time/early detection and action
4.1.3 Tracking individual and group ID fraud
4.2 Corporate data protection
4.2.1 Protecting consumer information
4.2.2 Consumer mistrust
Fig 4.1 – UK institutions trusted by the public
4.3 Corporate ID fraud
4.4 Network connection and security
4.4.1 Content filtering
4.4.1.1 Mobile web
4.4.1.2 Secure sockets layer (SSL)
Fig 4.2 – SSL position in the IP stack
4.4.1.2.1 Firewall
4.4.1.2 SMS/MMS
4.4.1.3 Voice calls
4.4.2 Privacy concerns
4.4.3 Wireless/Wi-Fi security
4.4.4 Ad funded content threat
4.4.4.1 Blyk ID security solution
4.4.5 Limits to mobile operator control
4.5 Conclusions

Chapter 5: The Mobile Web
5.1 Drive in data usage and connections
5.1.1 Global mobile web usage
5.1.1.1 Mobile web in Europe
5.1.1.2 Mobile web in the US
Fig 5.1 – Operating system share of worldwide mobile web
5.1.1.3 Mobile web in the BRIC markets
5.2.1 Mobile virus
5.2.2 Mobile phishing and pharming
5.2.3 Mobile banking
5.2.4 Mobile social networking
5.2.5 Mobile purchasing
5.3 Mobile online data benefits
5.4 Mobile web standards and security
5.5 Mobile web accessibility
5.6 Mobile content providers
5.6.1 Malware prevention
5.6.2 User identification
5.6.3 Web site security
5.6.4 Ad funded content
5.6.5 Protection in proportion to risk
5.6.6 Responsible data handling
5.7 Conclusion

Chapter 6: Mobile viruses and mobile security
6.1 Mobile viruses
6.1.2 ID fraud perpetrated through mobile viruses
6.1.3 Mobile virus protection
6.1.3.1 Eset mobile antivirus
6.1.3.2 Adaptive mobile
6.2 Identity data protection
6.2.1 GB Group
6.3 Identity authentication
6.4 Encryption

Chapter 7: Mobile ID fraud landscape in 2015
7.1 Mobile antivirus software
7.2 Global mobile ID fraud in 2015
7.3 Ten predictions for fraudulent online activity in 2010/11
7.4 Click fraud

Chapter 8: Conclusions and recommendations
8.1 Mobile operators
8.2 Mobile web content providers
8.3 Mobile handset manufacturers

Appendix A: About visiongain
Appendix B: Visiongain report evaluation form
[Fade out table of contents]