The expansion of the Internet, mobile computing, and the proliferation of connected devices have led to increased opportunities for data and identity theft. In the mobile ecosystem, the number of mobile applications is growing exponentially, and mobile devices can access services without explicit user intervention, which means the device may be sending sensitive data to an untrusted third-party without proper protection or authorization. In addition, users access Internet resources using untrusted mobile applications and browsers, increasing the probability of propagating malware to their devices. And while the widespread availability of WiFi is convenient for users, it opens the door to unfettered attacks on mobile devices and the unauthorized collection of sensitive data.
Mobile computing is currently so pervasive that besides storage of personal data, personal financial applications and social media activities, corporate applications often coexist on the same device. The device can also serve as an online identity tool and as an additional factor of authentication enabling access to highly sensitive domains and resources. Malicious software can invade a mobile device as a result of user activities that originate from an approved device, but the potential for damage increases significantly with practices such as rooting, jailbreaking, and side loading untrusted applications. Avoiding or delaying device security updates can also make a device an easy target for vulnerabilities.
Recent Alliance resources include:
Additional resources on transportation payments can be found in the Alliance Knowledge Center.