City-level Cyber-Secure Multimodal Transport Ecosystem

Securing passengers data with the Kaspersky Mobile Security SDK

The passengers of the multimodal local public transport in Genoa will soon be equipped with a new version of the AMT mobile application they use to handle their tickets and subscriptions or to consult routes, timetables, and waiting times. The updated mobile app, implemented by Gruppo Sigla, will be empowered with new security and privacy features that will take care of their data while using the Genoa’s “Azienda Mobilità e Trasporti” services via their personal smartphones or tablets running Android or iOS operating systems.

The AMT mobile application will be protected with the Kaspersky Mobile Security – Software Development Kit (KMS-SDK) features from two different perspectives: the first, prevention-oriented, will allow to make an assessment of the existing vulnerabilities on the mobile devices of passengers, such as if the device allows an attacker to assign administrator privileges or if the device is password protected; this information will be shared anonymously with the Security Information and Event Management system managed by AIRBUS Cybersecurity, through which the Transport Company security managers can be informed about the critical issues, and targeted awareness campaigns can be launched.

The second perspective, detection oriented, will be used to identify threats on the passenger’s mobile device, like a spyware that tries to sniff sensitive user data, such as personal or payment data or a malware that can manipulate data relating to timetables, routes and waiting times; this information will be sent to the Risk Analysis and Impact Assessment (RITA) engine, implemented by the University of Piraeus Research Center, to allow public transport companies to prioritize the investments in cybersecurity necessary to complicate life for criminals and make sure that the cost of a cyber-attack outweighs the benefit an attacker can derive from it.

Following the ‘Secure by design’ principle, the new AMT Mobile App will be foundationally secure. The protection, allowing to thwart an overwhelming majority of attack vectors against mobile devices and data, will be implemented through the KMS-SDK five-step approach for securing mobile applications:

  1. Assess the device – Risky device settings or rooted devices can simplify successful attacks and data exfiltration. Furthermore, on Android devices, some applications can be recognized as malicious based on their behaviour or reputation. KMS-SDK will detect and mitigate the danger.
  2. Protect the device – The new AMT mobile app for Android will be protected through the ‘classic’ Kaspersky anti-malware tool designed to prevent malware from infecting the device, including a scanning to detect if a malware attempts to exploit the passengers’ device.
  3. Secure the connection – The data exchange between the passengers’ device and remote web resources needs to remain secure at all times. Both Android and iOS versions of the AMT mobile app will include KMS-SDK measures like the DNS spoofing checker, the certificate validator, the Wi-Fi safety analysis, and the website reputation analysis.
  4. Secure the data – When passengers need to input or store important information using the app, the KMS-SDK secure input and secure storage features will prevent data interception by fraudsters.
  5. Protect the application – The KMS-SDK Self-Defence features provide facilities that protect the Android version of the mobile application from exploitation by third parties. The self-defence mechanisms allow to verify the application’s digital signature, and to detect debugging and attempts to replace the method operations with malicious code.

KMS-SDK is fully integrated with Kaspersky Security Network (KSN), a complex distributed infrastructure dedicated to process cybersecurity-related data streams to deliver the Kaspersky security intelligence to every passenger who is connected to the Internet, ensuring the quickest reaction times, lowest false positive rate and maintaining the highest level of protection. KSN integration complements conventional security techniques for malware and threat detection, so that the new AMT mobile app end-users are protected from the latest mobile attacks.