Janek Klawe
Oct 14, 2016 at 12:00 PM in 380 Soda Hall
Title:Mobile Software Tamper Detection
Abstract: As a financial services company, any potential tampering with Square's apps is a security risk, but also serves as a potential indicator of fraud. Client-side tampering checks are relatively easy to circumvent as attackers can modify the device's OS. To counter this, we use a server-driven system that detects both app and OS modification. By collecting a range of system properties from each device used by our large population of merchants, we can categorize devices by model and firmware and identify anomalous configurations. Users with signs of tampering are classified by risk level and flagged for further action.
Bio: Janek Klawe has been a part of Square's Mobile Security team for two years. Earlier in his career, he developed high-frequency trading algorithms and infrastructure, as well as software for rendering watercolor-style animations.