In a recent competitive analysis, ABI Research, a leader in technology market intelligence, analyzed the importance of software security. The firm forecasts that the security testing market will grow to $6.9 billion by 2020.

Still, there’s some resistance.

“The biggest challenge for company software developers lies in market forces and funding,” says Monolina Sen, Senior Analyst at ABI Research. “Their incentives, and consequentially their priorities, are tied to implementing new features and meeting deadlines. With companies always aiming to shorten product cycles, app security is usually among the first add-on to be cut.”

Traditionally, security audits and quality assurance testing happen toward the end of the development cycle, by which point most security issues are expensive to fix.

“The changing threat landscape and increasing frequency of application attacks, however, is forcing security-focused organizations to more adequately address web application security through secure software development. As such, application security testing is becoming crucial for organizations to adhere to compliance regulations, while at the same time defending themselves from security attacks,” a provided statement reads.

In its report, ABI Research reviewed the software security approaches of six industry vendors: Acunetix, Checkmarx, Cigital, IBM, Qualys, and Veracode. The report highlights current software security development trends and provides insight into the secure software development solutions existing in the market, as well as their effectiveness.

The report can be accessed here.

The post ABI Research: Security Testing Market Should Grow to $6.9 Billion by 2020 appeared first on Mobile Marketing Watch.

In one of the cases, the debt collection agency Select Resources Group was sending debt collection-related communications. These were apparently robocalls. However in this particular case the plaintiff’s cellular phone provider was billing the plaintiff for these ‘robocall-style communications’.

Coca-Cola was using text messages when they were hit with a class action law suit. The suit mentions that even though some plaintiffs replied STOP to the text messages they continued to receive unwanted texts. Here is the specific language from the law suit:   “The SMS messages included material to promote the sale of Coke products, such as an advertisement for Coke Zero, which plaintiff Robbins received. Robbins replied using the word “STOP”, but continued receiving text messages.”

That is a BIG no-no! Once a STOP message is sent to any short code then the owner of the code must a) immediately remove that cell number from receiving any further texts and b) are allowed to send one final message in response to the STOP request informing the end user that they have in fact been removed from future messaging.

I’m not quite sure who else uses fax messaging anymore but apparently Burger King does and they got into some hot water for doing so; I guess they cannot ‘have it their way’ after all…

Be they texts, faxes or automated phone calls there are but a few simple things to remember about messaging to your audience:

1. Make sure you have their written consent to do so.
2. If they ask you to stop messaging them then make it a high priority to honor that request.
3. Be aware that your marketing messages can potentially result in charges to your end users.

The post Taking a Look Back at Some Past TCPA-Related Lawsuits appeared first on Mobile Marketing Watch.

What to do? A Mobile Marketing Association webinar will provide both answers and insight. The webinar — “FCC Proposes New TCPA Laws – What Every Retailer Needs to Know About The Telephone Consumer Protection Act” — is set for Wednesday, August 5 from 1 to 2 p.m. (CDT).

It’s especially timely.

“On June 18 the FCC issued new requirements for those engaged in text and telemarketing,” reports the Mobile Marketing Association (MMA), sponsor of the free webinar. “What do these new rulings mean to your company? Is your company at risk when making automated outbound calls or sending texts? Is your company taking the right steps to mitigate TCPA risks?”

The MMA is working with partner Neustar, a good source of authoritative information. Federal Trade Commission veteran and Neustar Chief Privacy Officer Becky Burr will be one of the presenters. She’ll be joined by Neustar’s Adam Russell, who will discuss how authoritative consumer intelligence is helping to mitigate risk while also driving operational efficiencies.

Webinar topics include: what retailers need to know about the FCC’s new regulations under TCPA; best practices for mitigating TCPA compliance risk; why verifying consumer data is critical to both risk mitigation and operational efforts; and how the constant change in consumer data requires the most extensive, up-to-date, and accurate data.

To register or to learn more, click here.

The post What Every Retailer Needs to Know About the TCPA, Reducing Litigation Risk appeared first on Mobile Marketing Watch.

MasterCard is currently beta-testing with 500 people the use of a selfie as their password.

Many phone creators are already on board with this breakthrough idea. Apple, Blackberry, Samsung Microsoft, and even Google are all aid to be excited to implement this new security feature.

So how exactly does this work? According to Information week, “The facial recognition program will map out the user’s face and convert it to binary code, which is then transmitted over the Web to MasterCard. Once the scan is set up, a user will see their image prior to making a purchase and will have to blink at their smartphone in order to verify their identity and complete the purchase.”

With this new idea, though, does come some skepticism. If this is something that will be utilized to handle sensitive financial information, more advanced facial recognition technology will be needed… and soon.

For more information on selfie passwords, check out the full report from Information Week.

The post Selfies May Soon Become Your New Mobile-Centric Password appeared first on Mobile Marketing Watch.

The following is a guest contributed post by Gary S. Miliefsky, CEO of SnoopWall Inc.

The world is waking up.  Riots in France.  Over Uber, you ask?

Yes, the app you conveniently downloaded on your smartphone to help you get a ride from where you are to where you want to go, usually at a lower cost than a taxi and more convenient in some cities than hailing a cab, is also a brilliant piece of SPYWARE.

Yes, let’s call it what it is. Just review the permissions it asks for on the Google Play store.

Uber app by Uber Technologies Inc., Version 3.55.0, can access:

• Identity – add or remove accounts; find accounts on the device; read your own contact card.
• Contacts – read your contacts.
• Location – find your approximate location (network-based); or precise location (GPS and network-based).
• SMS – receive text messages (SMS).
• Phone – directly call phone numbers.
• Photos/Media/Files – read the contents of your USB storage; modify or delete the contents of your USB storage.
• Camera – take pictures and videos.
• Wi-Fi connection information – view Wi-Fi connections.
• Device ID & call information – read phone status and identity.
• Other – receive data from the Internet; modify system settings; use accounts on the device; view network connections; full network access; control vibration; prevent device from sleeping; read Google service configuration

In addition, without knowing in detail what’s in them, updates to Uber may automatically add more capabilities within each group.

Now, I would agree the riots in France were mostly over UberPop, their French app with more than 400,000 downloads in the country, stealing business away from the taxi industry in violation of French law. But it’s also been reported that the French are upset with Uber’s data collection and privacy policies.

Like most “growing too fast to think straight” companies, Uber joins the ranks of Google, Facebook and Twitter in wanting to know everything they can about everyone.

It’s a growing trend where the marketing vice president of these companies convinces the CEO that “consumer analytics” is where it’s at. Collecting as much information about everyone is just going to make the product better, they say.

Without concerns for our privacy, they collect and mine data without us knowing when, how and why? Ultimately, these companies feel if we the people (or in this case “sheeple”) are willing to go along with the pack and just give away our right to privacy for convenience, well, shame on us, not them. It should be the other way around.

Slowly, there is an awakening. It’s happening now in France, all over Uber. It’s happening in New York City, all over Uber. What did Uber do in NYC to spark this rebellion?  Uber has been using data mining to attempt to rally public sentiment against the proposed cap on Uber’s drivers in New York. They actually send unsolicited political text messages to those in the Geolocation of NYC trying to rally support.

Creepy. Very creepy. This is the tip of the iceberg of what Uber can do because of all the data it has collected. Remember last year, when Uber NYC executive Josh Mohrer tracked technology reporter Johana Bhuiyan on two occasions using a feature known as “God View?” What a great internal name for the SPYWARE dashboard of Uber.

God View is available to all employees at the car-sharing service and allows them to see customer activity, such as where a person wants to be picked up.

Marketing VP and developers at Uber, what were you thinking? Shame on you for building a SPYWARE network instead of a private car service.

Maybe this is the beginning of a pivotal moment – when consumers start to question companies with God Views that collect data on them that violates their privacy. Maybe soon people will demand a PRIVACY ride service and even be willing to pay a slight premium per ride so that their personally identifiable information (PII) won’t be gobbled up into a corporate database that is never secure enough against the next hacker attack, and that’s managed by companies with staff willing to use that data in ways consumers would never have approved.

Uber, get out of our contacts list. Stop tracking us. Anonymize and encrypt your “God View” system and rename it to what is – Consumer SPYWARE Dashboard. Your marketing VP needs to read “1984” by George Orwell and realize that “we the people” no longer are willing to become a product in your database.

Do a great job. Offer a great service. Don’t steal our privacy or creep on us anymore.

The post Opinion: Citizens Demand ‘Uber’ Privacy appeared first on Mobile Marketing Watch.

The announcement comes just as FCC members are considering whether tougher robocall services are a good idea.

YouMail is an app for both Apple and Android-based smartphones. It allows users to better manage incoming phone calls and boasts a host of features that improve privacy and productivity.

“The service includes a proprietary technology called Smart Blocking that detects robocalls — including those generated by spoofing systems, and tricks them into thinking that the user’s number has been disconnected, so calls stop coming in,” explains the company. “Users simply ignore calls, and YouMail does the hard job of deciding whether it’s a robocall or spam call and plays the caller an out of service message so that the robocaller won’t keep calling.”

It’s designed to combat the increasing numbers of robocalls that have made their way to people’s cell phones.

“Roughly one in six phone numbers calling the average consumer is a robocall, and there are more than 80 million scam or fraudulent calls made each month alone,” said Alex Quilici, founder and CEO of YouMail, Inc.

Quilici says the “robocall epidemic” wastes an estimated 20 million hours a year and costs American businesses about a half billion dollars annually.

“YouMail has blocked tens of millions of calls for our users and prevented far more robocalls from ever calling them in the first place,” he concludes. “All our users have to do is ignore phone numbers they don’t recognize and we do the rest.”

The post Fighting Robocalls: New ‘Smart Blocking’ Tracks and Blocks Spam Calls appeared first on Mobile Marketing Watch.

Mobile apps are becoming big business for businesses.

Many bank customers now check their account balances or transfer funds through an app on their cell phones. Savvy retail shoppers can use a favorite store’s apps to learn about discounts, access coupons and find daily deals.

“The apps for financial institutions and retailers are getting greater use and that can be wonderful for business,” says Gary Miliefsky, CEO of SnoopWall, a company that specializes in cyber security.

But as with so many things in the cyber world, caveats are connected. Even as companies provide additional services through those apps, they may be putting their customers at risk for fraud.

“Most companies don’t realize just how vulnerable their apps are and what the potential is for leaking their customers’ personal information,” Miliefsky says. “And when that happens, it’s bad for business.”

He suggests a few reasons why most companies need better protection for their mobile apps:

•  New forms of mobile malware are being widely deployed in the major app stores and can eavesdrop on a customer through a company’s app. “These new forms of malware are undetected by anti-virus engines and are able to circumvent encryption, authentication and tokenization,” Miliefsky says. “That makes it easy for cyber criminals to exploit the personal information of a company’s customers and commit fraud.”

•  The PCI Data Security Standard requires merchants to protect credit-card holder data. Likewise, mobile-commerce providers must protect any payment card information, whether it is printed, processed, transmitted or stored, Miliefsky says. “Even though a customer has the breach on their mobile device, the retailer is responsible because it was their app that allowed the eavesdropping,” he says. A breach of credit-card information potentially could result in fines for the retailer, Miliefsky says.

•  The FDIC requires banks that are providing an ATM-like online or mobile-banking experience to protect access to the confidential records of the consumer, the consumer’s bank account information, user name and password credentials, and bill payment and check-deposit services. Just like with retailers, it doesn’t matter that the breach happened on the customer’s mobile device, Miliefsky says. The bank’s app caused the problem because it allowed the eavesdropping, so “the risk and the responsibility is the bank’s not the consumer’s, he says. And, as in the case with retailers, banks could face fines for a breach.

“Businesses have become great at creating useful apps that their customers eventually feel they can’t live without,” Miliefsky says. “But the failure to secure that app is going to come back to haunt the business over the long haul.”

The post Is Your Company’s Mobile App Putting Your Customers At Risk For Fraud? appeared first on Mobile Marketing Watch.

It’s a new online photo service launched by Google — the latest example of Google’s desire to “wrap its tentacles around virtually every part of people’s lives,” according to the AP.

But it could be a very good marketing move for Google, which promises unlimited storage of all photos up to 16 megapixels and high-definition video up to 1080p.

“The service, called Google Photos, will be available as an app on Android and Apple devices, and on a website, http://photos.google.com,” explains AOL. “It’s a variation of the photo-management tool on Google Plus, a social networking service that has struggled to compete against Facebook since its 2011 debut.”

“There has been a renaissance in the thinking of what Google Plus is for,” said Bradley Horowitz, Google’s vice president of photos and streams.

Horowitz predicts Google Photos will free people from the hassles of managing picture and video libraries, as Google’s Gmail service has eased the burden of sifting through email boxes with its larger storage capabilities and a powerful search engine.

“Google Photos is importing technology from Google Plus to automatically sort images into common bundles tied together by a vacation destination, activity, or even species of animal,” adds the report. “Other tools will automatically create slideshows and albums accompanied by music.”

Can Google entice people away from other services that have been around for a while? We’re talking about services like Apple’s photo service, or Yahoo’s Flickr which gives one terabyte of photo storage for free (which equals about five photos per day for 60 years).

Google — under siege by competitors on every side — wants to stay relevant. This new photo service is just one more gambit in the company’s bid to keep people doing more than checking out the Google doodle of the day.

The post Picture This: Every Photo You Keep is on Google appeared first on Mobile Marketing Watch.

Even better than Superman’s x-ray vision, Verizon’s supercookies track every single move a user makes on their mobile device, and every encrypted website they visit, 24 hours a day, whether those users like it or not.

It seems however that the American public is just as strong as the Man of Steel because, after getting huge amounts of bad press and taking all sorts of heat (not heat vision) from consumer rights organizations, Verizon announced back in January that it would get to work creating a way that users could opt out of their Relevant Mobile Advertising (RMA) program and stop the supercookie in its tracks (and, more importantly, stop it from tracking).

Of course Verizon gave a perfectly reasonable explanation for using their all-powerful supercookie, one they posted on their FAQ page for their RMA program. By the way, it’s worth noting that the Unique identifier Header (UIDH) that that use can’t be “killed” simply by blocking cookies in your browser (Luthor would be proud.)

In either case, there are now 3 distinct ways to opt out Verizon’s RMA program, including calling 1-866-211-0874 or simply signing into your Verizon account or using the Verizon Mobile app.

Do it today, and send that supercookie back to the phantom zone of bad mobile ideas.

The post Consumers Saying Goodbye to Those Verizon Supercookies appeared first on Mobile Marketing Watch.

The Illinois 7th Circuit Court of Appeals recently made the ruling against Path, a popular messaging service for Android, which reportedly sent bulk SMS messages to some users’ entire phone books, asking contacts to sign up or relaying “notifications.”

It’s not the first time this issue has reared its ugly head. A simply Google search shows a raft of commentary on the Path methodology. Here’s one, posted at Phandroid more than a year ago: “Word began spreading a few days ago after Path seemingly wigged out on a few users, sending mass SMS messages to everyone in their phone book — ex girlfriends, tire shops, grandmas, etc. — notifying them that the sender had “photos” for them waiting on Path. Not the kind of thing you would want sent to your buddy’s wife on a Friday night.”

Illinois resident Kevin Sterk has complained that he received a text message stating that another person — Path user Elizabeth Howell — wanted to show him photos on the service. The text also contained a link to a site where Sterk could register to join the social network.

“The move lets stand a prior ruling by U.S. District Court Judge Samuel Der-Yeghiayan in the Northern District of Illinois, who allowed state resident Kevin Sterk to pursue allegations that Path violated the federal Telephone Consumer Protection Act. That law prohibits companies from using automated dialers to send users text message ads,” noted Media Post in a story on the legal development.

While Path is arguing that the case should be thrown because its system doesn’t use “automated dialers” and its system only sends SMS messages to people whose phone numbers were provided by users, the company is finding few friendly ears.

Path believes the court decision marks a “dramatic expansion” of the federal telemarketing law and opens up new legal risks for any firm that sends text messages.

“Path isn’t the only company that allegedly tried to grow its network by spamming people,” said Media Post. “Lyft also is facing a potential class-action lawsuit for allegedly running an “aggressive marketing campaign” that sends people unwanted SMS messages.”

It’ll be a case to watch as text messaging service companies and consumers wage a battle over what is appropriate and what is considered unwanted and undesirable.

The post Appeals Court Gives Go-Ahead to Text-Spam Case Against Path Messaging Service appeared first on Mobile Marketing Watch.