| 移动金融终端安全研究 |
| |
| 引用本文: | 陈曦.移动金融终端安全研究[J].信息安全与通信保密,2014(11):106-110. |
| |
| 作者姓名: | 陈曦 |
| |
| 作者单位: | 招商银行总行博士后科研工作站; 招商银行总行信息技术部,广东 深圳518067 |
| |
| 基金项目: | 国家自然科学基金,中国银行业监督管理委员银行业信息科技风险管理课题。 |
| |
| 摘 要: | 随着商业模式的日渐清晰以及3G/4G网络的大面积普及,移动金融市场将在未来几年继续呈现爆发式的增长。然而,智能手机的开放性使得移动端的安全问题日益严重。众多新兴的金融支付类病毒利用系统漏洞,配合页面劫持、进程注入、短信劫持等攻击手段,对移动用户的金融账户、口令、验证码等信息进行盗取。终端安全性问题已经严重阻碍了移动金融市场的健康发展。针对上述问题,文中从终端硬件、系统框架、应用程序、NFC等多个技术层面展开,对当前移动互联网金融中的终端安全威胁进行详细梳理,并给出切实可行的解决方案。
|
| 关 键 词: | 移动金融 重打包攻击 组件暴露 进程注入 |
Terminal Security of Mobile Finance |
| |
| CHEN Xi.Terminal Security of Mobile Finance[J].China Information Security,2014(11):106-110. |
| |
| Authors: | CHEN Xi |
| |
| Affiliation: | CHEN Xi (aPost-Doctoral Research Center, Head Office of China Merchants Bank; b Department of Information Technology, Head Office of China Merchants Bank, Shenzhen Guangdong 518057, China) |
| |
| Abstract: | With the increasingly mature of business model and wide popularization of 3G/4G networks,mobile finance market could usher in an explosive growth in the future years. However, due to the openness of the smart phone, the security of mobile terminal be- comes increasingly serious. A large quantity of emerging viruses in mobile payments filled take the system vulnerabilities attack mobile users and steal their confidential information, such as financial accounts, passwords and verification code by implementing page hijac- king, process injection and SMS hijacking, etc. Security of mobile terminal severely hinders the healthy development of mobile financial market. Aiming at the above problems,this paper,from the aspects of terminal hardware, system framework, application program, NFC and other technique levels, describes in detail the terminal security threats in mobile internet finance, and gives the feasible and appli- cable solutions. |
| |
| Keywords: | mobile finance repacking attack components exposure process injection |
| 本文献已被 维普 万方数据 等数据库收录! |
|
