With a growing volume and diversity of cyber-attacks targeting smartphones and other devices attached to mobile networks, consumers need to ensure that their data and apps are adequately protected against theft, corruption and unauthorised access. Mobile network operators (MNOs) can play a central role in providing and maintaining those cybersecurity defences to ensure a safe and consistent end-user experience for customers, which increases average revenue per user (ARPU) and reduces churn.
The avalanche of threats directed at Android smartphones, in particular, has been steadily expanding, more so as lockdowns pushed employees into working from home and accessing company data on their smartphones and tablets regularly. In July 2020, for example, Skybox Security’s Vulnerability and Threat Trends Report noted a 50% increase in mobile vulnerabilities in the first half of the year, which it attributed specifically to deficiencies in new Android devices as the line between business and personal smartphone use began to blur.[i]
Cybersecurity firm Lookout also identified a surge in phishing attacks targeting healthcare data and smartphone apps accessed via mobile networks in the third quarter of 2020.[ii] Another threat comes from mobile ad fraud, rates of which are estimated to have risen by 173% between August 2019 and 2020 according to mobile app marketing platform Adjust.[iii]
Mobile ad fraud can take several forms, including encouraging users to click on ads that appear to take them to legitimate apps or websites but, in fact, direct them to other destinations. It can be particularly damaging for telcos and MNOs because it undermines ad marketing campaigns and can lead to higher end-user data charges caused by smartphone resident malware that is constantly sending and receiving traffic in the background.
The same is true for cryptojacking attacks that download malware which hijacks the smartphone to mine for cryptocurrency elsewhere without the owner’s knowledge, often draining device battery life and leading to a poor customer experience in the process.
Mobile malware market forecast for rapid growth
Google includes cybersecurity tools as standard and for free with its Android operating systems, but it takes time for vulnerabilities to be identified and updates made available. That makes it easier for hackers to exploit mobile devices in the meantime. Consequently, many consumers prefer to layer additional security defences on top of Android’s default provision. This trend is likely to gather pace as more people use their smartphones for business purposes as they continue to work remotely post-pandemic. Indeed market for paid mobile anti-malware solutions was valued at US$4.5bn in 2020 and is forecast to expand at a compound annual growth rate (CAGR) of 18.4% to reach US$12.4bn by 2026, according to Mordor Intelligence.
Many cybersecurity suppliers deliver anti-malware solutions designed for smartphones, often in tandem with endpoint protection tools that also cover desktop and laptop computers. The premium paid version of McAfee’s Mobile Security for Android (Plus) tool costs around US$5 a month for a monthly subscription, for example, with the app available for download and purchase through the Google Play store. The same is true for Sophos Intercept X for Mobile, while Norton LifeLock offers various malware protection grades for multiple mobile devices under monthly subscriptions to its US customers.
Some companies also have forged alliances with telcos and service providers, which bundle their cybersecurity tools and subscriptions within broadband connectivity packages. McAfee is a case in point, having entered partnerships with BT in 2018 and Telefónica in 2019. McAfee’s smartphone security solutions are validated by the customers’ SIM card, giving MNOs an ideal opportunity to layer monthly fees on top of their mobile phone accounts.
That is precisely what consumer-focussed anti-malware specialist Avast announced that it would do in February when it announced it would offer monthly subscriptions to its mobile cybersecurity platform via direct carrier billing (DCB) for customers in Latin America in February this year. The company will allow consumers in the region to pay for Avast’s subscription-based security services either as part of their monthly phone bill or from existing pre-paid balances. Estimates suggest that around three-quarters (76%) of Latin American consumers do not have access to a debit/credit card and commonly rely on offline payments, predominantly cash, to fund purchases.
Carrier billing is just one of multiple payment options Avast offers to its customers, alongside credit/debit cards and app stores. By providing a range of flexible billing choices, the cybersecurity company both makes its services accessible to a broader segment of the region’s population while simultaneously improving its customer experience by making cybersecurity simple and its access convenient.
Cybersecurity companies also can team up with specialist third-party payment service providers to offer their subscriptions via carrier billing. Companies like DOCOMO Digital have established relationships with telcos and MNOs in every corner of the world, alongside local payments regulation experience, which provide strict rules on how security software and services can be sold and marketed.
Hackers are unlikely to let up in their relentless efforts to defraud smartphone users of their cash and identity credentials any time soon, and cybersecurity suppliers have enough on their plates in just implementing and maintaining adequate protection from those attacks on behalf of their customers. Partnering with a payment service provider to set up a safe, secure and convenient carrier billing channel on an international basis leaves them free to focus on keeping those smartphone defences robust and up to date.
[i] COVID-19 pandemic sparks 72% ransomware growth, mobile vulnerabilities grow 50%, Security Magazine, 22nd July 2020
[ii] Report shows pharma industry struggling to handle mobile-based cyber-attacks, MobiHealthNews, 17th November 2020
[iii] Global mobile ad fraud jumped 173% in 2020, BusinessofApps, 20th November 2020