Hide and Seek [Mobile Emulators and Location Spoofing] Featured Image

Hide and Seek [Mobile Emulators and Location Spoofing]

Learn about the detection of mobile emulators and location spoofing for protection of accounts and mobile payments.

In the world of mobile apps, fraudsters are now automating the use of mobile emulators and location spoofing to exploit the weaknesses in current mobile security defenses. 

As reported in December 2020, researchers from IBM Trusteer, discovered a massive scale attack using mobile emulators, where fraudsters have stolen millions from mobile banking customers in the US and Europe. With automation, fraudsters are able to rapidly emulate thousands of devices and use stolen credentials to access accounts and then disappear just as quickly, playing a high stakes game of hide and seek.

Location information is the one detail fraudsters can be relied upon to fake.

Most traditional security defenses rely on GPS as a location identifier to verify if the user is legitimate. However, location spoofing techniques are readily available that enable a GPS location to be easily faked. Fraudsters will commonly use location spoofing to conceal their real location and also the location of devices used for account takeover attacks. Mobile apps that rely on GPS location will be easily fooled by today's fraudsters.

Similarly, device characteristics associated with a user account can be easily faked using mobile emulators. The emulation tools that developers created to automate the testing of different mobile devices have now been turned against the same developers. Fraudsters are now automating the use of mobile emulators and location spoofing tools to mimic real customer devices and bypass traditional security defenses. The recent attacks show that fraudsters are now scaling up their attacks and they are targeting mobile apps.

Going into 2021, any company with a mobile app that includes mobile payments should be looking to increase security defenses to detect mobile emulators, root or jail-broken devices, and also GPS location spoofing. Incognia’s mobile SDK provides location and device intelligence and is extremely effective at detecting mobile emulators, device spoofing, and other forms of mobile fraud. As a leader in location behavioral biometrics Incognia's solution makes use of network signals and on-device sensors to identify anomalies in a user's location behavior. For the mobile channel, using Incognia's location intelligence provides the strongest signal for identifying trusted users from fraudsters.

For more information on Incognia's solution for detecting mobile emulators and location spoofing please visit our device integrity page.