Lunar New Year is a time for celebration for many people around the world, but it’s also a good opportunity for scammers who are always trying to entice victims to grab the next cheap online shopping deal. A common technique that scammers use is to lure a victim into installing a malware app that can then be used to phish user’s credentials, capture SMS OTPs, or even remotely control the phone to perform banking transactions. 

Today, banking is mostly done online, making app security very important to protecting users’ money and information. With the widespread use of mobile phones for banking, implementing strong security measure is essential. Now, more than half of all banking is done on mobile phones, presenting banks with new and complex challenges. To keep customer trust and data safe, banks need robust security strategies that can stop threats in real time and defend against sophisticated cyberattacks

As we reflect on 2024, V-Key is proud of the milestones we’ve achieved and the innovations we’ve introduced in the field of digital identity and mobile security. This year, we have remained steadfast in our mission to protect digital experiences and empower businesses with advanced solutions. From key industry events to groundbreaking technological advancements, we’ve continually strived to meet the evolving needs across various sectors.  

V-Key, a global leader in mobile security solutions, introduces V-Key ID, a breakthrough solution enabling businesses to secure digital identities across all platforms. V-Key ID delivers a comprehensive digital identity experience, ensuring seamless onboarding, authentication, and biometric verification while adhering to the highest privacy standards. 

 Joseph Gan, CEO of V-Key, stated, “V-Key ID is not just a technology but a strategic solution for businesses navigating complex digital ecosystems. It streamlines identity processes, allowing businesses to scale securely while delivering an efficient experience for users.” 

Today, secure KYC solutions are key for many industries relying on mobile applications. They protect financial and other mobile interactions. We focus on making digital KYC easy yet secure for everyone. This way, users get quick access to services safely, knowing their info is protected from fraud.  Exploring the benefits of automated customer verification, we see how KYC solution is vital for secure financial transaction and digital banking.

For businesses, especially those handling sensitive data or financial transactions, ensuring app security is no longer optional. The risk is real: attacks on mobile apps can lead to reputational damage, regulatory fines, and the loss of user trust.  

V-OS App Shield is a reliable solution designed to safeguard mobile applications. Beyond the basics of security, it offers a cost-effective approach that combines robust protection with ease of use. Here are 5 ways V-OS App Shield can enhance your mobile app security and deliver real-world benefits. 

Mobile devices continue to become indispensable, with the average smartphone user spending around 88% of their day interacting with apps. This surge in mobile usage highlights an escalating need for businesses to ensure their apps are secure, as the stakes of app security have never been higher. From retail businesses to e-commerce platforms, mobile apps handle sensitive user data and provide access to essential business systems. The consequences of a breach can be devastating, both for businesses and their users. 

Today’s advanced biometric solutions are key to enhancing digital security for mobile platforms. They make our lives easier and safer. biometric solutions boost identity verification with unmatched accuracy. They protect against identity theft and unauthorized access. This makes biometric authentication solutions a vital part of our digital security.

V-Key is thrilled to support Huawei’s HarmonyOS NEXT, marking a significant advancement in mobile security and innovation. This update showcases our dedication to leading in mobile security and technology.

SMS OTPs have long been a staple of multi-factor authentication, providing an additional layer of security beyond just a password. Users receive a unique code via SMS, which they must enter to complete a login or transaction. However, this method has vulnerabilities. Scammers have exploited weaknesses in the SMS system, using phishing techniques to trick users into revealing their OTPs. In some cases, SMS messages can be intercepted, allowing unauthorized access to bank accounts.

Mobile applications are key to daily business operations, customer engagement, and overall functionality. According to Google, the average smartphone user interacting with nearly 10 apps daily and spending about 88% of their time on mobile, the need for strong mobile app protection has never been more pressing. Introducing V-OS App Shield, a revolutionary solution designed to secure your mobile apps fast and easy.

V-Key empowers you to choose the optimal security solution for your mobile app. Whether you require the comprehensive security of V-OS Mobile App Protection for advanced flexibility and protections, or V-OS App Shield for ease of deployment, V-Key offers the solutions and expertise to safeguard your mobile apps and user data.  Read this blog to learn more.

The threat of cyber-attacks looms larger than ever, with phishing schemes becoming increasingly sophisticated and automated. Organizations and consumers must stay vigilant and informed to protect themselves from these malicious tactics. With the continuous advancement of technology, cybercriminals are constantly refining their strategies, making it crucial for everyone to understand the risks and take proactive steps towards securing their online activities. 

According to the IBM Security’s Cost of a Data Breach Report 2023, the global average cost of a data breach reached a staggering USD 4.45 million. This figure represents a 15% increase over just three years, highlighting the escalating financial burden breaches pose. For an SME, such a financial blow can be catastrophic, potentially leading to bankruptcy or forced closure. 

The recent data breach at Outabox, impacting millions of hospitality customers in Australia, sent shockwaves through the industry. News outlets like Australian Broadcasting Corporation and The Guardian reported unauthorized access to user data, potentially exposing sensitive information like names, addresses, and even biometrics in some cases. Some reports suggest over a million individuals may be affected, raising significant privacy concerns.

Data breaches can have far-reaching consequences, leading to financial losses, reputational damage, and even legal repercussions. V-Key understands this responsibility and takes data protection very seriously. This commitment is reflected in our achievement of SOC 2 Type 2 certification, a rigorous independent audit that validates the strength of our security controls. 

Consumers demand swift, seamless, and efficient services, whether they are making purchases, managing finances, or securing their digital presence. This is where self-service solutions stand out, offering a powerful way to meet these demands head-on. As we approach the launch of a groundbreaking self-service portal for V-Key solutions, it’s essential to understand how self-service is revolutionizing user experiences and offering unmatched convenience and control. 

Recent security incidents, including those involving leading technology firms, have underscored vulnerabilities within SMS-based authentication. These events have prompted organizations to reevaluate their security strategies. To effectively defend against cyber threats, it’s essential to understand the strengths and weaknesses of MFA – SMS approaches and explore how additional technologies like Push Notifications and Silent Network Authentication (SNA) can enhance overall security.

The convergence of technology and banking has catalyzed significant changes in the operations of banks and their interactions with customers. One prominent change is the emergence of fully digital banks, which are revolutionizing conventional banking practices and enhancing accessibility to banking services and new concepts.

V-Key, renowned for its advanced security solutions has proudly joined Bridge Alliance as their technology Partner,  solidifying their commitment to innovation and excellence in mobile security. This partnership opens doors to explore new avenues for enhancing authentication experiences and mitigating cybersecurity risks.

Transforming Digital Banking in Philippines

“V-Key has a history with major banks around the region where the solutions are very well validated, protected by global patent and well proven to provide that trust factor and security for customers that we need.”

– Greg Krasnov, CEO & Founder, Tonik

V-OS, DBS launched the award-winning digibank service

Powered by V-Key’s revolutionary V-OS, DBS launched the award-winning digibank service, a fully digital banking experience in India. As a foundational element, V-OS brings security with unprecedented convenience to every mobile phone transaction on digibank.

With Lunar New Year around the corner, experts have warned of an anticipated surge in scams due to the increased online shopping activities. We need to be aware of two major types of attacks.

Mobile malware attacks are once again on the rise in Singapore, with Android users being the primary targets. These attacks typically begin with enticing advertisements spread across various social media platforms such as Facebook and Instagram. These ads lure victims in with attractive promotions, often related to food delivery and cleaning services. To avail of these offers, victims are directed to click on a link, which connects them to scammers via WhatsApp. The scammers then request the installation of a mobile app and a SGD 5 deposit to confirm the order. Unfortunately, the installation of this app grants the attackers control over the victim’s device, leading to potential bank account breaches.

2FA/MFA was introduced to make it harder for attackers, by requiring two or more proofs of identity – also known as authentication factors. These can take many forms, but can be boiled down to: something you know (e.g., a password), something you have (e.g., a cryptographic key), or something you are (e.g., a biometric ID that is unique to you) [1].

However, 2FA/MFA is not a universal panacea that can be picked off a shelf and thrown in to solve any and all challenges presented by attackers.

In a significant strategic development, V-Key, a leading provider of advanced mobile security solutions, has formed a powerful alliance with Ignite Partners, a highly respected consultancy firm known for its expertise in helping over 600 international companies successfully enter and expand their operations in Australia and New Zealand. As part of this collaboration, Ignite Partners has appointed two seasoned professionals, David Eccles and Ray Fleming, both with extensive experience in sales, management, and business development, to lead V-Key’s expansion into the Australian market. This announcement marks a pivotal moment for V-Key as it aims to secure Australia’s digital landscape and contribute to the nation’s growing digital economy. 

Account takeover occurs when unauthorised individuals gain control of a user’s online account, granting them access to personal information, sensitive data, and even the ability to perform malicious actions. By incorporating non-repudiation into their cybersecurity solutions, businesses can create a secure user environment and establish a foundation of trust.

Mobile devices are highly susceptible to various security threats, and without proper security measures, hackers can exploit these weaknesses to gain unauthorised access to your crypto wallet. Mobile app security helps protect your wallet from malicious apps attempting to steal sensitive information.

The financial losses and reputational damage caused by these fraudulent apps and malware have highlighted the urgent need for robust mobile app security measures. Businesses operating in Thailand must prioritise the integration of comprehensive security protocols to protect their customers and reputation.

V-Key ID utilizes V-OS, a secure operating system, to encrypt user identity data. This encrypted data can be safely stored in the cloud, ensuring enhanced portability without compromising data security. Users can access their identities seamlessly while maintaining data integrity.

Smart tokens are essential to authenticate and authorise financial transactions. They make digital payment systems secure and reliable with multiple layers of protection. Smart tokens are cryptographically secured, meaning they cannot be easily replicated or hacked, and the data associated with each token is encrypted to ensure total privacy. Banks may employ smart tokens to construct a safe, dependable, cost-effective digital payment system to conduct transactions and store consumer data. Tokens may also be used to authenticate end users, making the authentication process safer and faster. It can help to protect against malicious attacks, as tokens cannot be tampered with. Smart tokens present a unique opportunity for the banking sector to revolutionize financial transactions by providing secure, reliable, and cost-effective digital payment solutions

V-OS Mobile App Protection offers a comprehensive solution to address the security challenges faced by businesses and customers alike. With its innovative technology and multi-layered approach, V-OS Mobile App Protection safeguards mobile applications from various threats, including reverse engineering, tampering, and code injection. Built on V-Key’s patented V-OS Virtual Secure Element and Runtime Application Self-Protection technology, it ensures the integrity and confidentiality of critical functionality, even when the operating system and device is compromised. By adopting V-OS Mobile App Protection, businesses and customers can have peace of mind, knowing that their data is secure and protected from cyber threats, enabling a safer and more reliable digital payment experience.

Mobile applications have transformed how Filipinos communicate, shop, finance, and do business in the Philippines. With a developing digital economy and ranking fifth globally in app downloads, the Philippines has seen an increase in mobile app adoption across various industries. According to a report by the Philippine National Police Anti-Cybercrime Group, cybercrime cases in the country increased by 80% in 2020 compared to the previous year, and according to Statista, the number of smartphone users in the Philippines is expected to reach 40.9 million by 2023, accounting for a significant portion of the country’s population.

V-OS App Identity has numerous significant advantages that make it an essential solution for businesses looking to improve their Zero Trust Strategy. It removes the need for external authenticators by providing a self-contained secure element for every mobile app. This not only improves security but also improves the user experience.

V-OS is a virtual operating system that is used on more than 200 million devices worldwide. It is designed to provide a secure environment for apps, servers, and other endpoints in a system so that sensitive data remains protected at all times. One of the key features of V-OS is its ability to provide a secure element bound to every app, which serves as proof of the app’s identity and integrity. 

The V-OS Biometrics is a unique smart biometrics solution that helps enterprises, governments, and API partners secure authentication and authorization mechanisms on mobile. It provides instant face biometric authentication that can be used to quickly authenticate users during onboarding or enable as a step-up function for high-risk transactions. By combining V-OS eKYC with V-OS Biometrics, the V-OS Biometric Identity Mobile SDK provides an out-of-the-box, streamlined identity verification and solution.

Security is a major concern for both individuals and corporations in today’s digital age. One of the most common methods used for two-factor authentication is the use of hardware OTP (One Time Password) tokens or OTP delivered via SMS.

SMS OTPs have been proven to be insecure, prone to interception and phishing attempts. Hardware tokens are expensive to deploy, can be lost or stolen, are inconvenient to use, and must be replaced on a regular basis.

In today’s digital world, mobile devices have become an essential part of people’s everyday lives. They are used for communication, entertainment, employment, shopping, and a variety of other purposes. As people become more reliant on their mobile phones, the possibility of cyber-attacks and data breaches grows, and having a mobile app protection solution can keep our personal and sensitive information secure.

Last weekend, I forgot my wallet as I took my daughter out to the mall. I realized this as we were in a cab halfway to our destination. A few years ago, this would have been a disaster, as retail financial transactions were only possible using cash or credit/debit cards.

Thankfully, I had my mobile phone with me. As long as I had an internet connection, I really didn’t need to actually have my physical wallet.

Get an in-depth look at the technology behind V-Key’s world-class, digital security solutions.

V-Key’s CTO Er Chiang Kai and his team have released an updated whitepaper detailing a comprehensive overview of V-Key V-OS and the various product families that complement it: This whitepaper covers the following:

New research by V-key shows that most apps used for mobile authentication have serious vulnerabilities, even if hardware security is used. V-Key has discovered a general flaw (named the “Trust Gap”) in these apps’ architectural design which hackers can exploit using malware to illegally obtain a target’s authenticator keys. This enables bad actors to make unauthorized transactions or sign bogus documents, opening up a digital service to account takeovers, data leakage, fraud or worse. This is an insidious and sophisticated attack as the targeted authentication app doesn’t even need to be running or be tampered with to be compromised.

V-Key has been recognized amongst 6 vendors in the IoT Security category in the 2021 Gartner Hype Cycle report for Identity and Access Management.

The Hype Cycle Report is an annual report that allows organizations to identify and make informed choices when looking for trusted, future-proofed solutions to adopt.

V-Key announced today the launch of a global Digital Trust Platform that allows businesses to deliver new and trusted digital solutions more effectively to their customers through it.

The Digital Trust Platform provides a security foundation on which companies can build a range of Digital Identity services for Mobile and IoT devices with the same security foundation that V-Key delivers today for banking and government customers.

Take a glimpse of V-Key’s Trusted Identity Solutions available on the cloud! This may just be your answer to securing your digital solutions.

V-Key announces a strategic collaboration partnership with Scytáles based on their diverse but complementary capabilities within mobile authentication and validation of an individual’s digital identity.

Both companies are worldwide recognized technology leaders and frontrunners respectively with pioneering products and services enabling the highest standards of mobile identity security that will serve as a backbone in an increasingly interconnected digital economy.

There are some aspects of mobile apps that make RASP for Mobile Apps different from RASP in general. We first describe RASP in general, and then zoom in to RASP for Mobile Apps. In this whitepaper, we deep dive about RASP for mobile apps and V-Key’s V-RASP, V-RASP+ and V-RASP++, a mobile-first solution specifically designed for mobile app protection.

With the spate of remote working regime due to Coronavirus pandemic, the reliance and growth for video conferencing platform has been exponentially escalated. However, most mobile apps today are nowhere near as secure as we would like them to be.

V-Key launches its V-OS Trusted Identity Services in world’s largest Cloud marketplace, offering Enterprise-grade security to everyone.

V-Key announced an agreement with Ingram Micro Cloud, to roll out its internationally acclaimed V-OS Solution progressively in seven Ingram Micro Cloud Marketplace across Asia Pacific. V-OS Trusted Identity Services refer to the Cloud-based Identity as a Service (IDaaS) offerings for mobile security and Authentication technologies. Until recently, these solution have traditionally been offered as on-premise solutions for large enterprises, and this collaboration hopes to enable SMEs to seamlessly deploy Enterprise-grade security to protect Digital Identity.

Crunchfish AB (“Crunchfish”) announces today that the company has entered into a Marketing & Technical Partnership Agreement with V-Key Pte Ltd (“V-Key”) regarding identifying and developing joint offerings of each party’s software product in relation to Crunchfish’s patent pending Offline Wallet. 

V-Key is proud to announce that our V-OS is the world’s first Virtual Secure Element to obtain Common Criteria EAL3+ certification on iOS and Android.​

V-Key announced that V-OS, V-Key’s core patented technology, is the world’s first virtual secure element to receive a Common Criteria Evaluation Assurance Level (EAL) rating of 3+, derived from the U.S. Government’s Protection Profile for General Purpose Operating Systems.

How to survive a hacking attack? Do you have confidence that your mobile app will emerge victorious or the hacker will have a great bounty? Mobile security is everyone’s top priority and making the right choice is critical. Here are 10 questions to evaluate your mobile security system.

TONIK chooses V-Key’s V-OS App Protection on V-OS Cloud to secure their first pure-play Digital Bank in the Philippines

With mobile being the future of everything, most companies seek to digitalise their offerings to end-users in order to ride the tides of the ongoing digital trend. And while most businesses and institutions have taken the step towards digitalisation on mobile, cyber threats on mobile devices are still very prevalent.

SIM swap scam (also known as SIM jacking, SIM splitting, or Port-Out scam) is a type of account takeover fraud that exploits the weakness in conventional methods of two-factor authentication/verification. More often than not, this attack is used for applications that require an OTP verification to be verified via an SMS text or via a call by the end-user.

Hooking is a term for a range of code modification/tampering techniques that are used to change the behaviour of the original code running sequence by inserting instructions into the code segment at runtime.

Find out from this whitepaper why it is critical to understand the process of a hooking attack and how you can mitigate such attacks on your mobile device.

COVID-19 has pushed the majority of the world’s workforce to exercise the largest work-from-home movement.

Local deep-tech SME, V-Key, participates in an initiative led by SGTech and jointly with IMDA to provide secure 2FA Cloud authentication solutions.

With COVID-19 on the minds of many, we want to take a moment to personally update you on the steps we are taking at V-Key to ensure the continuity of our business and support functions of our customers. 

Functions that detect jailbroken/rooted devices are most commonly added to transactional mobile applications, serving as the most basic defense against threats. However, this is nothing but a drop in a bucket.

Following the Ingram Micro Comet Competition ASEAN & HK region where V-Key partook and emerged winner, Ingram Micro honoured V-Key as leading ISV.

Razer Fintech’s digital bank will be the first global youth bank, namely, the Razer Youth Bank for youth and millennials. Along with the bid, V-Key was announced as one of Razer Fintech’s technology partner.

Today as GATES ICT Channel Summit comes to an end, V-Key was crowned GATES Gold Special Award for Innovative Solutions for Vendor by live voting.

Competing alongside 14 other innovative companies in the competition, V-Key emerged Winner of the Ingram Micro Comet Competition ASEAN & HK region, walking away with $100,000 in GTM funding. Amongst the other runner ups were Arcstone, DataMesh and Taiger.

On 26th July, V-Key had the privilege of hosting the Deputy Prime Minister of Singapore, Mr Heng Swee Keat, and a group of esteemed guests in our Singapore headquarters.

V-Key, a leading provider of internationally-acclaimed digital security solutions, was named as one of the top 3 firms in the inaugural “Fastest Growing Companies in Singapore” conducted by The Straits Times and Statista.

Razer Pay and V-Key inked a Memorandum of Understanding (MOU) to foster strategic collaboration over digital identity and e-payments.

As Paidy, a Japanese payments company providing instant post-pay credit service expands their payment offerings and merchant touchpoints, they recognized the need for a fast and seamless payment experience. V-Key’s pioneering mobile security technology gives the Paidy team the confidence that they are future-proofing their mobile strategy and ensuring the integrity of their consumers’ data.

A partnership agreement just signed between V-Key, with its patented Virtual Secure Element, and Ailleron, the owner of LiveBank, which offers cutting-edge technologies, will bring a new dimension to digital bank onboarding worldwide.

V-Key partners Assurity to bring convenience to security

Singapore-based V-Key works with global payments and e-commerce companies, banking and financial institutions and government bodies to protect the personal and financial data of their mobile customers.

Boosting collaboration will help build vibrant ecosystem where innovation will drive economy

Continuous partnerships with institutes of higher learning give V-Key Pte Ltd easy access to talent for future growth

Ant Financial Services Group (Ant Financial), operating company of Alipay, and existing investor venture capital firm, IPV Capital, make a USD12 million Series B investment for a minority stake in V-Key.

Welcome to our Series of Explainer Videos entitled #TrustSimplified where we aim to simplify our technology and business value into 5 bite-sized videos.

Recognizing that existing mobile software protections are insufficient against today’s cyber threat landscape, we take a closer look at the main types of software protections in the market.

Virtually every computing device in the world is made unsafe by the latest disclosures on Central Processing Unit (CPU) vulnerabilities. Find out how the virtual secure element technology is protecting millions of mobile application users against such vulnerabilities.

There has been a recent surge in Android malware abusing Android Plugin Frameworks for malicious behavior. DroidPlugin, Parallel Space and VirtualApp are several plugin frameworks that have been abused by malware in recent months to spread Android malware.

Have financial institutions accepted a status quo that sacrifices user experience for increased security? With mobile digital identity quickly becoming central to an entire suite of online services, those who challenge the status quo will set themselves up to prosper and grow. Read more to find out three oft-ignored areas of research.

Establishing a close working partnership with our customers is our Top priority. Architecting a strong security foundation with the UOB team has paved the way for meteoric growth in the UOB Digital ecosystem across the region. Balancing customer experience while maintaining strong security policies continues to allow UOB to deliver stronger digital services across all their businesses.

V-OS is the world’s first virtual secure element. Cryptography plays a dual-role in these; to secure and manage the secrets kept within V-OS, and to provide a lightweight yet comprehensive cryptographic library.

V-OS is the world’s first virtual secure element, a software solution with security built into the firmware code. These include secret cryptographic parameters and data, which need to be randomly generated and securely persisted, and are then transformed into code and data files.

From banks to government agencies, many organisations are intrigued by and exploring software security solutions such as mobile tokens and mobile identity systems for individual identification, authorisation and authentication.

Banks in Southeast Asia should look towards software-based biometrics as the way forward to navigate the regulatory differences in the region and secure their customers’ transactions.

As technology evolves, banks and financial institutions have no choice but to innovate. However, when it comes to security, many still rely on traditional, costly methods.

Safe, convenient and simple.

With global cumulative investment in financial technology (fintech) forecast to exceed US$150 billion in three to five years, economies around the world are vying to attract fintech innovators and cash in on this growing industry.