Impersonation and takeover attacks create severe financial and reputational risks for the involved parties. Attacks that are in scope of this work generally consist of three parts:
Preparation
This is the phase where an attacker would perform reconnaissance and other preparatory work to execute the attack.
Theft
In this phase, an attacker would gain access to the victim’s authentication assets, such as credentials, codes, session tokens, or even a physical device.
Reuse
In this final phase, the attacker makes practical use of the stolen data to impersonate the victim and gain further access to the victim’s digital assets, such as bank accounts, crypto wallets, etc.
Hardening against attack preparation and theft is a valid goal, but it is outside the scope of this work. Instead, this work focuses on hardening against the last phase: reuse.
---
title: Threat landscape overview
---
flowchart TD
impersonation_attack
preparation_phase
theft_phase
reuse_phase
re_protection
tampering_protection
malware_protection
tls_pinning
device_binding
app_attestation
impersonation_attack[Impersonation and account takeover]
preparation_phase[Preparation]
theft_phase[Theft]
reuse_phase[Reuse]
impersonation_attack --> preparation_phase
impersonation_attack --> theft_phase
impersonation_attack --> reuse_phase
re_protection([Reverse engineering protection])
tampering_protection([Tampering protection])
malware_protection([Malware protection])
tls_pinning([TLS pinning])
device_binding([Device binding])
app_attestation([Application attestation])
preparation_phase --> re_protection
theft_phase --> tampering_protection
theft_phase --> malware_protection
theft_phase --> tls_pinning
theft_phase --> device_binding
reuse_phase --> device_binding
reuse_phase --> app_attestation
style device_binding fill:lightgreen
click app_attestation href "https://www.guardsquare.com/introducing-mobile-app-attestation" "Learn more about App Attestation"
click malware_protection href "https://www.guardsquare.com/mobile-app-security-research-center/malware/overview" "How to implement malware protection"
click tls_pinning href "https://www.guardsquare.com/video/ssl-pinning-explained" "SSL pinning explained"
click re_protection href "https://www.guardsquare.com/" "Reverse engineering and tampering protection"
click tampering_protection href "https://www.guardsquare.com/" "Reverse engineering and tampering protection"
| Phase | Countermeasures |
| --- | --- |
| Preparation | Protection against reverse engineering |
| Theft | Protection against tampering and malware, TLS pinning, device binding, and more |
| Reuse | Device binding (this work), application attestation |