According to the results of the DCB Index, South Africa is the leading country in the ranking, with the highest score (3.4 out of 5). In the Middle East and North Africa, Morocco and the UAE stand out, surpassing last year’s leader, Bahrain. Nigeria and the Democratic Republic of Congo also rank highly, with 3.1 and 3.0 respectively.

DCB has proven to be a powerful payment tool in the MEA region, and the overall fraud prevention of mobile players has increased by 0.2 compared to 2021, showing a collective willingness to safeguard this technology. DCB has the potential to become even more powerful than credit cards, and mobile operators have all the advantages to elevate DCB and become major fintech companies. However, it is important that businesses protect DCB with the right cybersecurity solutions.

The DCB Index is intended to provide mobile players with an overview of the development of DCB in the MEA region, helping them to better understand how to improve their business in their own country or what conditions to consider when deploying in other countries. 

The post DCB Index 2022: Insights into the Direct Carrier Billing Market in the Middle East and Africa appeared first on Evina.

Can you tell us more about where the malware hides?

The malware is hidden in a messaging app named Symoo on the Google Play Store.

It’s available worldwide, but the app has been downloaded the most by users in India, Bangladesh, Pakistan, Algeria and Nepal. 

You won’t find the app anymore on the Google Play Store however, as it’s been removed following our press release.

The malware steals phone numbers from users, how exactly does it do that?  

So the first thing to understand is that the infected app Symoo masquerades as a legitimate messaging app to impersonate users and create fake social media accounts.

It starts out with a user that finds the app on the app store, downloads it, and when it opens the infected app, the first thing that pops up is the app’s request to get the user’s phone number. 

When the user launchers the app, a loading screen appears and in the meantime, the app has launched a malicious program in the background that sends the user’s phone number to an external server and intercepts all SMS messages. 

This external server is used by a marketplace that collects the stolen phone number and reads the SMS messages linked to this number to obtain one-time codes that allow to create fake social media accounts. Millions of fake accounts on popular social networks like Facebook or Telegram are created this way and individuals can purchase these fake account directly from this platform to remain anonymous while potentially perpetrating criminal actions. 

What has been the malware’s impact up to now?

All users that have downloaded the infected app and entered their phone number are victims of the malware. These users now have fake social media profiles linked to their phone number and they aren’t aware. In India, there are 100K victims, in Pakistan 9K, in Algeria 3K and in Morocco 1K.

For more information, read the full press release.

The post How a malware-infected messaging app is impersonating millions of users worldwide appeared first on Evina.

Jamil Gaith: DCBprotect was giving us great results. It improved our brand image, got us 12 new partners thanks to reinforced partner trust and helped us expand our carrier billing business. Still, we noticed plenty of room for improvement by switching from webview to a fully native app customer experience. With DCBprotect, the protection required to show a page, so a small redirection within the app to acquire the user, and we needed this process to be frictionless while maintaining the best security level.

David Lotfi: This request brought the DCB experts at Evina and Mobile Arts to set up a clear timeline to develop an in-app native version of DCBprotect. This meant creating a cybersecurity version of the solution powered by the same cutting-edge technology as DCBprotect, but integrated into a native SDK. In just 5 months, DCBprotect in-app was developed and brought to full use. How do you feel DCBprotect in-app has already started to benefit the development of the Mobibox platform? 

Jamil Gaith: The first visible significant benefit is the stellar user experience delivered to Mobibox subscribers with the cybersecurity technology integrated into the SDK solution while maintaining the same high levels of security against fraud attempts on DCB transactions. MobiBox SDK is now offered to all kinds of mobile content merchants.    

Evina created the first and only cybersecurity solution for DCB transactions in-app native on the market, out of a client request.  This shows how Evina is on top of technology and client service, so much so as to adapt its technology to the specific needs of Mobile Arts in record time. DCBprotect in-app has allowed us to keep our business as safe as possible without compromising user experience and our business goals.”

David Lotfi: We’re thrilled with the results and can’t wait to see how our strategic partnership will continue to protect your patterns in the best way possible. What we have found very interesting during the development process of In-App Protect, is the large number of DCB transactions that happen inside apps and the information we can capture to create an even more secure experience. Detecting these transactions requires highly technical expertise, which is exactly why Evina has developed this first solution for in-app detection. Today DCBprotect in-app is supported by both Android and iOS apps.

The post How a native in-app cybersecurity solution for DCB transactions revamped the in-app user experience appeared first on Evina.

The fil rouge of all the opening talks was the need for diversification.

The CEO of Etisalat UAE, Masood Mohamed Sharif, explained how important it is for telcos to become tech companies and offer higher value-added services, beyond simply providing internet access.

The COO of Vodafone Qatar, Diego Camberos, pointed out that despite the increase in connectivity demand, revenues were not growing at the same rate. And that in order to match the value, telcos need to invest in additional services, including fintech.

Our very own Evina CEO, David Lotfi, developed the fintech topic by sharing 2 insights for a successful telco diversification.

Watch the full keynote now

1. The first insight is that telcos have everything they need to become the biggest fintechs in the world.
   a) The timing is right: credit cards are dying and the fintech market they would address is worth $12 trillion.
   b) They have everything they need to succeed: a huge network, consumer data (KYC, bank account), direct access to the cell phone and a payment method with incredible conversion rates: one-click payment.
   
2. The second is that in order to seize this incredible growth opportunity, it is essential to put in place tools that fend off cybercriminals. For too long, carrier billing markets have been closed due to compromised payment security by cybercriminals. Instead of fighting this, telcos have often preferred to stay out of the battlefield, dropping the payments boom or implementing restrictive measures, which has led to more complex payment flows and reduced revenues. 

Telcos can become fintechs today, though considering that history is made of missed opportunities, we need to act fast. Cybersecurity allies and telcos can elevate the best possible payment method (one-click payments), and make them even more secure than credit cards.

The insights of David Lotfi have been extremely well received, with several new strategic partnerships with top MNOs formed during the Telecoms World. Among them, the partnership signed with Ooredoo Oman is already public.

Watch David Lotfi’s full keynote for more strategic insights.

The post All top telco executives agree: fintech is the future of telcos appeared first on Evina.

The event will start on May 24 with keynotes from CEOs and COOs of the major telcos Etisalat UAE and Vodafone Qatar, and dive straight into the crucial topic for the future of telcos: how they can become the world’s biggest fintechs. Lotfi will be leading this keynote, backed by his 15+ years of experience in the telco industry and fueled by the data collected from the 80+ countries where Evina operates.

Evina has a solid track record of helping major MNOs (Oordeoo, Orange, Vodacom, and many more) develop their financial services, experience drastic revenue growth and take the decisive step to becoming real fintechs. Each day, forward thinking players trust our revenue-boosting cybersecurity solutions to protect over 20 million transactions. 

The keynote, addressed to the most-forward thinking leaders in the telecoms world, will center around three key secrets that will be crucial for CEOs to make the right strategic decisions in 2022.  

To get a head start on this transformation, book a meeting with the Evina team at Telecoms World Middle East:

https://info.evina.com/meet-evina-at-telecoms-world-me-22

Read the full press release for more detailed information on the keynote.

The post Calling all telcos: Why the brightest telco minds shouldn’t miss out on this decisive keynote at the Telecoms Worlds Middle East appeared first on Evina.

• MNOs are much more than pipes, they manage the most promising payment method: DCB
• There are many opportunities offered by carrier billing that need to be unlocked
• Fraud is the main roadblock and damages MNOs in numerous ways (damaged brand image, expensive complaint management, media buying restrictions etc.) 
• Techniques fraudsters use to steal money through the direct carrier billing channel 
• How responsible players are needed to reinforce this payment channel and reveal its true potential in LATAM
• The responsible major monetization player AWG shares their experience with fraud, accidental subscriptions, and the impacts these have on their clients and business. 
• The opportunities AWG and Evina unlocked in the region by working together. 
• `

Watch now to discover the opportunities your business and region can access once the right investments are made in securing payments on carrier billing from fraud. 

The post Webinar – “Combating fraud to unlock carrier billing opportunities” – The specifics of fraud in the LATAM region appeared first on Evina.

1 – The mobile payment industry struck back against fraud

The Mobile Ecosystem Forum (MEF) published an insightful whitepaper on how to combat fraud in mobile content and held a webinar to discuss the challenges further. As a newly joined member, Evina contributed with its expertise alongside other industry players, to educate the market about fraud. 

2 – The results are in: efforts made to fight fraud are rewarding

Mobile payment has great potential in Africa, which could easily be unleashed once fraud is dealt with and mobile carriers take back control. Our CEO David Lotfi tells us more about the endless opportunities that derive from fraud-free mobile payments in the Northern African Wireless Communications publication (pages 24 and 25).

3 – An accelerated digitalization of all industries due to the pandemic

The COVID-19 pandemic accelerated the digitalization of many of our habitual activities: from relationships to online transactions. The digital world made way for a huge flow of traffic, money, and prosperity. However fraudsters are always just around the corner when money is involved, yet this time we had the right tools to face them. Industry players advised on how to adapt and overcome the increase in fraud in our new digital reality. 

4 – The anti-fraud black belt in cyber self-defense is now unlocked

Certain tools are required to win against fraud the right way, in fact, it’s never been this easy to combat fraud. David Lotfi shared his tips and tricks on how to respond to the inevitable encounter with fraud. 

5 – Innovation and commitment: the winners in the fight against fraud 

The new generation of digital experts has arrived, pushing the boundaries of the industry to a whole new level. This year’s Global Direct Carrier Billing awards have confirmed this, awarding Evina as Best Carrier Billing Fraud Solution alongside our partners (Digital Virgo, PM Connect, and Play), which we couldn’t be prouder of. 

6 – From an expense to a source of profit: cybersecurity is a must-have.

Cybersecurity went from being a burdensome cost for businesses to a source of revenue. Philip Vannier, President of the European Cybersecurity Organization (ECSO) and Big Data and security expert, gave us his input on the digital market, what is to come, and agreed that better-protected networks mean fewer barriers, faster transactions, and more revenue for everyone.

7 – Without fraud, businesses have reached a whole new level of business growth

Belgian mobile operator Proximus has proved that with the right tools, it is possible to decrease fraud and complaint rates, and boost revenue on carrier billing. With the help of Evina, fighting fraud unlocks business growth.

The post 2020 Cybersecurity Highlights: a year of innovation and perseverance in the fight against fraud appeared first on Evina.

5G: A new network in its infancy stage 

The much-awaited 5G is expected to cover 32% of the global population – about 2.5 billion people – by 2022, according to research by Bankr. This extremely fast network that promises reduced latency doesn’t mean it’s more secure compared to the older 3G and 4G networks. Unfortunately, it’s the contrary, since the protocols involved are brand new, they are not 100% foolproof and vulnerabilities are being discovered all too frequently. We must keep in mind that 5G is still at its infancy stage and it will be a long run until it reaches the maturity of the 4G network. In fact, traditional attacks such as spoofing, user impersonation, and fraud are still expected, and as 5G will extend to connectivity with IoT devices – the vulnerabilities aren’t limited. Whether we like it or not, 5G is the future of connectivity, so the challenge we now face and the question we must ask ourselves is: How do we securely transition to 5G considering its infant stage makes it more prone to vulnerabilities? 

Paying back the cybersecurity debt  

Cybersecurity issues were trending in 2020, as many companies faced data breaches and high fraud rates. The issues relating to cyber-attacks were sometimes evident, creating enormous international buzz, and sometimes less evident with mobile operators seeing customer complaint rates rise because of disregarded fraud issues. Due to a lack of time, budget, and/or information these companies have unwillingly gone to create an enormous cybersecurity debt by not addressing the security question, meaning fraud rates, complaint rates and  churn rates have increased and will reach all-time high levels if left untreated in 2021. Certain markets are bound to face an upcoming crisis due to the aforementioned companies that have not yet dealt with fraud the right way.

The first step to approach fraud the right way is to make the right cybersecurity investments for your business. By investing in anti-fraud technology, made to secure your online business from advertising to mobile payments, fraud will be minimized and you will allow your business to thrive in a healthy environment. What does this mean exactly? An increase in revenue that unlocks the growth of your business to new levels.

Organized criminals betting on digital monetization

As we’re all aware, the COVID-19 pandemic was and is still much more than a health crisis. The economic crisis also hit worldwide and no industry was left untouched. However, some sectors found new ways to keep growing by relying more and more on online channels to keep their business going as the digital industry remained barely untouched. It wasn’t before long till organized crime found its place in this new digital reality. In fact,  2020 ended with a massive fraud operation that stole millions from online bank accounts by using emulators to mimic phones and access their bank accounts. The American telco T-Mobile also had to deal with a data breach, the second breach in a year to be exact, that stole precious data including customers’ account information. Organized criminals are betting on mobile payment and investing in hackers to do the dirty work. Cybercriminals have a lot of tricks up their sleeves, and something tells me they won’t be merciful in 2021. It’s clear that we must protect our online business this year more than ever.  

The challenges we face in 2021, from organized criminals going full-on digital to a vulnerable 5G network in its infant stage and a growing cybersecurity debt, all have a solution in common: the right cybersecurity investment. Not challenging the fraud that your company faces, and that will undoubtedly increase, is no longer an option. It’s also no longer a question of dealing with fraud or not, it has come down to the survival of your company. My advice to you is: if you want to see your business not just survive but thrive in a challenging digital era, it’s time to invest smartly in cybersecurity.

Sources:

• Bankr research: Global 5g Coverage To Grow 253 By 2025 And Reach 53 Of Population
• IEEE Spectrum: 5G Networks Will Inherit Their Predecessors’ Security Issues
• Wired: A Massive Fraud Operation Stole Millions From Online Bank Accounts
• TechCrunch: T-Mobile says hackers accessed some customer call records in data breach

The post Three cyber tech challenges we will face in 2021 appeared first on Evina.

On the 4^th of August 2020, Lebanon experienced an unprecedented tragedy. In the heart of Beirut, the country’s capital, a stock of ammonium nitrate exploded causing 171 deaths, and leaving thousands injured. Because of the substantial damage in the surrounding area, more than 300.000 people are currently homeless. The images were seen around the world, prompting an international show of solidarity. Donations are pouring in to help those affected, attracting the attention of scammers trying to pass themselves off as charities.

In order to help, Evina used its knowledge in cybersecurity to check out numerous websites calling for donations for Lebanon, and identified which were legitimate websites and which ones were scams. Before sending money to a website, be certain to check the following points to make sure your donation will actually be of use to Lebanon.

Each site must clearly display the name of the organisation as well as its address, and the mandatory terms and conditions. A simple Google search using the website’s name or URL generally unearths any negative existing feedback on the internet. Also check if there are any links to an external website or social network. Finally, do a search using any identifiable information given on the site, like the name of the PayPal account or the e-mail address. If it’s a scam, they will often appear on other fake websites.

Websites to avoid

When analyzing these websites, Evina found enough elements to officially call them out as scams.

https://beyrouthshima.com

This site doesn’t display either its name, address or the terms and conditions. Their PayPal account PIXER doesn’t belong to any known organisation. However, this account is used by another suspicious website, https://www.8cups.online, which again doesn’t include an address, and their social network links don’t work.

https://savelebanonlives.com

This website doesn’t provide an address or the terms and conditions, and is completely unknown on Google or social networking platforms. Additionally, when you subscribe to their newsletter, you’ll receive an e-mail from givepalestine123@gmail.com.

https://www.impactlebanon.org

Aside from the missing address and terms and conditions, this is a phishing site asking for donations in cryptocurrency. It is impersonating another site (https://impactbeirutlebanon.com) by using the same logo and a similar URL.

https://www.cryptofundlebanon.com

Yet again, the first clue with this website is the missing terms and conditions. However, this one is more easily spotted thanks to a link to a completely unrelated Instagram account. Additionally, the webmaster tried to promote his site on Reddit but ended up deleting his post when several comments called it out as a scam.

https://loveforlebanon.com

This website includes broken links to social networks, but what really helped identify this website as a scam was the contact e-mail contact@naturelove.org. The same address is used by numerous other websites that always ask for donations. This includes websites about surfing, weddings, or Android news.

Websites to safely donate

The fact that these scams exist shouldn’t discourage you to help out the Lebanese population. Evina has compiled the following list of recommended websites, checked by us, so you can safely donate.

ASHRAFIEH 2020: https://www.just-help.org/c/relieffund

BEIT EL BARAKA: https://www.beitelbaraka.org

RIFAK el DARB: https://www.just-help.org/c/rifaqeldarb

BAYTNA BAYTAK: https://www.gofundme.com/f/help-beirut-explosion

IMPACT LEBANON: https://www.justgiving.com/crowdfunding/lebanon-relief

OFFRE JOIE: https://www.givingloop.org/offrejoie

LEBANESE RED CROSS: https://www.supportlrc.app/donate/

LEBANESE FOOD BANKS: https://lebanesefoodbank.org/donate/

The post Donations for Lebanon: beware of scams, make sure your money reaches the right people. appeared first on Evina.

We had Google shut down those applications. Evina managed to successfully reverse-engineer the malware which enabled us to protect end users against it. This is critical for our customers:

Brigitte De Ducla, Orange France

“We have successful results with Evina; in addition to providing us with premium protection on our carrier billing, they also help us create a safer customer journey, therefore preserving the global experience of our clients”.

Here’s how they steal your Facebook

When an application is launched on your phone, the malware queries the application name. If it is a Facebook application, the malware will launch a browser that loads Facebook at the same time. The browser is displayed in the foreground which makes you think that the application launched it. When you enter your credentials into this browser, the malware executes java script to retrieve them. The malware then sends your account information to a server.

Lionel Ferri, Evina CTO: “It’s a fraudulent technique that points out the danger and reflects how important it is to protect yourself. It cannot be identified by Facebook as the malware displays in front of the legit app when it is launched”.

Why are you always targeted? Because everyone is targeted.

Internet-based fraud has become so pervasive that sometimes it seems as if everyone you meet has, at some point or another, been a victim of digital fraud. Often when one is targeted by online fraudsters, the first reaction is ‘why me?’.

Rest assured that we are all in the same boat and while it is normal for the victim to think they have been specifically targeted, we are all targets. Furthermore, we must highlight that victims should never be blamed for the criminal actions of others.

Fraudsters are everywhere and they are not confined to the DCB sector. They lurk in every nook and cranny of the web and it is the job of experts like Evina to flush them out. Our clients are very helpful in this regard. They regularly provide us with valuable information that helps us lift the lid on what you could call the “digital fraud of the day”.

In conclusion, keep in mind once that the victims are not the culprits: the app developer, the app store and all other legitimate players involved are simply innocent victims of fraudsters and their malware.

The post They steal your Facebook appeared first on Evina.