Dr Web Mobile Security Licensing

Transcription

1 Defend what you create DWCERT Dr.Web Mobile Security sales Course outline I. Modern threats to mobile devices II. Dr.Web mobile device protection products III. Dr.Web Mobile Security delivery versions IV. Dr.Web Mobile Security licensing history V. Dr.Web Mobile Security licensing VI. Dr.Web OEM Mobile VII. Sales support Doctor Web, 2014

2 I. Modern threats to mobile devices Most malware is created to infect Android-powered devices because this OS is so widespread. Threats to Android Modern handhelds, running OSs with great possibilities, are attractive targets for hacker attacks. This is evidenced by the steady growth in the number of new malicious programs, designed for mobile devices, being received by the Dr.Web anti-virus lab. These small gadgets provide cybercriminals with more opportunities for spying than PCs do. Many of them are equipped with cameras, and any mobile phone has a microphone. Some devices have a GPS navigator. All of these tools are helpful in different situations so long as the owner maintains control of the device. If that control is intercepted by criminals, mobile devices take on other possibilities. Confidential information stored on a device can be accessed: passwords (e.g., online banking system passwords or social network account passwords), bank account numbers and many other details. This opens up opportunities for criminals to blackmail users, collect and sell their information, or swap out their data for bogus information (Flexispy, Mobile Spy, Mobistealth, Android.AntaresSpy.1). People use mobile devices in both their private and professional lives. Employees working at home or travelling on business use their personal devices to store corporate information and enter company websites. That s why the theft of confidential information and passwords from personal devices is so dangerous. Some mobile device functions can be blocked or managed remotely for example, criminals can intercept inbound short messages in order to harm users or their business competitors at just the right moment (Android.Plankton, Android.Gongfu (Android.DreamExploid), Android.GoldDream). SMS messages can be sent and calls to premium-rate numbers made without user consent, resulting in direct monetary damage (Android.SmsSend). Criminals can steal money from user bank accounts and from online payment systems. Criminals can spy on users they can eavesdrop on conversations (toggle on the microphone), receive data from a GPS navigator on a user s location (to see whether they are present or absent in certain locations), take pictures of a user s location (turn on a camera and video recorder); and track what websites a user has visited, as well as incoming and outgoing calls, messages, and SMS. Banking Trojans for mobile devices Today, programs that intercept SMS containing mtan codes, which many enterprises use to confirm online financial transactions, are the most dangerous. Examples The banking Trojan Android.SpyEye.1. When users visit a bank website whose address is present in the Trojan horse's configuration file, this malicious program inserts texts or web forms into web pages, so customers loading a page of the bank s site into their browsers will see a message stating that a new bank security policy has been introduced and that in order to access their account (online banking system), they need to install a special application on their mobile device that will supposedly prevent the interception of their short messages, but will actually contain the Trojan horse. The malicious program Android.Pincer which can intercept short messages. This malicious program is spread as a security certificate that supposedly must be installed onto an Android device. If a careless user installs the program and attempts to launch it, Android.Pincer.2.origin will display a fake notification about the certificate s successful installation. Having launched successfully at startup, Android. Pincer.2.origin will connect to a remote server belonging to criminals and send it information about the 2

3 mobile device. Android.Pincer.2.origin makes it possible for a malicious program to be used for targeted attacks and to steal specific messages, for example, those containing mtan codes sent by banks. To familiarize yourself more thoroughly with mobile phone viruses, refer to Android threats in How do malicious programs penetrate mobile devices? 1. Through software vulnerabilities. A vulnerability is a flaw in an operating system or application software that can be exploited by a virus to corrupt data and interfere with its operation. Theoretically, any error in program code can be used to cause harm to the system in general. All software has vulnerabilities. Most are in Windows, affecting PCs and laptops, and in Android, affecting mobile devices. Software developers do their best to close vulnerabilities, especially critical ones, but sometimes virus writers find them before that happens (i.e., zero-day exploits that are still only known to virus writers or have not yet been closed by the software vendor). The vast majority of today's "successful" Trojans penetrate a system via vulnerabilities, including zero-day vulnerabilities. An anti-virus tries to close the vulnerabilities that create such points of intrusion, but most often it is a struggle with the aftermath virus writers find vulnerabilities before developers do. To eliminate vulnerabilities (close the gap in defense), users should update their mobile device s software in a timely manner all the programs, not just the anti-virus. Like people of any other profession, programmers who write programs for mobile devices can make mistakes. According to statistics, one in five Android programs has a vulnerability or, in other words, a gap that helps criminals introduce Trojans to mobile devices and carry out their activities. 2. Through the Internet. Many websites, regardless of their content, can be infected with viruses or malicious scripts. The user doesn t need to do anything to acquire the Trojan horse: infection occurs automatically when users visit infected sites. Astonishing fact Websites that are more likely to be sources of malware and phishing attacks Sites related to technologies and telecommunications Business websites: business media, business news portals, accounting-related sites and forums, online courses/lectures, services to improve business efficiency Adult content websites and resources for downloading free programs Through these sites, the criminals who compromised them can watch for victims and redirect them to infected sites. Pirated distributions can also carry viruses or Trojans. 3. Through the unwitting actions of users. Even if a malicious program can t exploit a vulnerability to penetrate a system/software, users are always ready to help. Most modern malicious programs aren t viruses because they can t self-proliferate. They are created in the hope that users will distribute them. Using different tricks (social engineering techniques), criminals make their victims install malicious programs, open malicious files, visit compromised sites, etc. For example, Android.Plankton, which collects and transmits information about compromised devices, was downloaded manually more than 150,000 times (!) from the official application store Android Market (formerly known as Google Play). 3

4 Is an anti-virus enough to protect a mobile device? The Dr.Web for Android Light anti-virus offers protection against viruses and malicious programs, particularly Trojans. But, today, this level of protection isn t enough. Only comprehensive protection, such as Dr.Web for Android, can protect against any type of malware used by fraudsters for cybercrimes. Such protection should include an anti-virus, anti-spam, anti-theft and an URL filter like Dr.Web Cloud Checker. What is the purpose of the Anti-spam? Dr.Web Anti-spam shields against unwanted calls and SMS messages. What does the URL filter Cloud Checker do? The URL filter Cloud Checker limits access to potentially dangerous sites. It is especially useful for children who don t understand the danger of some websites. IMPORTANT! Some anti-virus vendors claim to have a parental control component in their Android protection products. However, a product possessing full control over this operating system is IMPOSSIBLE to create at present. The default settings for the Android browser and the Google Chrome browser for Android do not allow true parental control to be employed since any user can open a page anonymously, and no software can trace that user s steps. Therefore, unlike its competitors, Doctor Web does not position its URL filter Dr.Web Cloud Checker as a parental control tool. What is the purpose of the Anti-theft? Mobile devices are at risk of being lost or stolen. Information (including access passwords and logins) can wind up in the hands of hackers. A single anti-virus can t protect information if the violator or the person who found the device wants to examine it. Dr.Web Anti-theft helps find lost or stolen mobile devices, blocks them, and, if necessary, remotely deletes private information from them. Customers who forget their lock codes can use the anti-theft unlocking self-service portal at II. Dr.Web mobile device protection products The Dr.Web Mobile Security commercial product consists of three Dr.Web software products. Buyers of one license for Dr.Web Mobile Security are entitled to use one of three Dr.Web software products. Protection components Dr.Web software products Dr.Web for Android Dr.Web for Symbian OS Dr.Web for Windows Mobile Anti-virus Anti-spam Anti-theft + URL filter + 4

5 III. Dr.Web Mobile Security delivery versions Product group Dr.Web Home Security Suite (e-licenses) protection for home Dr.Web Retail Security Suite products for retail Dr.Web OEM products (not for sale to end-users) Commercial licenses Dr.Web Security Space Dr.Web Anti-virus Dr.Web Mobile Security Dr.Web Security Space Dr.Web Anti-virus Dr.Web OEM Mobile E-licenses for 3 months Scratch cards for 3 or 6 months IV. Dr.Web Mobile Security licensing history Doctor Web created the first anti-virus to protect mobile devices running Windows Mobile in At that time, the number of viruses infecting this OS was small, so apart from having to solve technical problems, Doctor Web also had to grapple with a moral issue whether to charge for the anti-virus or not. In my opinion, a virus for mobile devices is only a myth right now, a PR element, nothing else. And, of course, the accompanying hysteria is good for some developers profits. At the moment, we are not seeing any serious viruses targeting mobile devices. They will probably emerge soon, but what we have right now these are not viruses; they are just early attempts, said Igor Daniloff, the creator of the Dr.Web anti-virus. In such a situation, the company s management made the natural and logical decision to give Dr.Web users free Dr.Web Anti-virus for Windows Mobile licenses for home PC protection. The idea that users should not pay for protection against a threat that does not yet exist is consistent with the basic principles of Doctor Web, Ltd., commented Boris Sharov, the company s CEO, on the product s release. On the one hand, we consider it immoral to sell a product that has no real use yet. On the other hand, the rapid development of mobile technologies and the wide application of instant payment services will inevitably result in the emergence of more dangerous viruses for wireless devices. We have no doubts that virus makers have long been working on developing commercial viruses for mobile devices. Such viruses won t be designed to damage devices as was the case with the initial viruses for PCs. They will be sophisticated Trojans and spyware. We do understand that the threat, though latent, is real. That s why our company has developed protection against a possible threat. But, for the moment, no dangerous viruses exist, so there is no threat for users, and, therefore, our new product is free. Any user of Dr.Web for Windows products can get a free license and be ready to address what could become a real threat at any moment. Words uttered back in 2007 proved to be prophetic. From 2007 to this very day, Doctor Web customers who purchase Dr.Web to protect home PCs are entitled to use Dr.Web Mobile Security free of charge. Doctor Web has no plans to change this policy. A product to protect Symbian OS was released in Anti-virus for Android Light was released in August Dr.Web for Android was released in In June 2012, when the quantity of threats to mobile OSs had reached an immense number, and it had became clear that commercially oriented virus writers were taking this segment seriously, Doctor Web started selling individual licenses for Dr.Web Mobile Security. 5

6 V. Dr.Web Mobile Security licensing As the number of devices running Symbian OS and Windows is negligible, licensing is described with respect to the Dr.Web for Android software product. 1. Dr.Web Mobile Security is licensed per number of protected mobile devices. 2. Licensing options for Dr.Web for Android Anti-virus Light Free license Shareware Comprehensive protection Shareware license (after the 14-day free demo period, the customer must purchase a commercial key file) Life Lifetime license Depends on the policy of the App Store where the customer purchased the license, e.g., in Google Play, the license is tied to a Gmail account. License period Lifetime license 6, 12, 24 or 36 months Lifetime license Protection components Anti-virus only Anti-virus Anti-spam Anti-theft URL filter The right to use Dr.Web Mobile Security free of charge 1. Customers of any Dr.Web products for home PC protection (e-licenses or boxed products) are entitled to use Dr.Web Mobile Security free of charge. 2. The number of free Dr.Web Mobile Security licenses equals the number of PCs covered by the purchased license. Demo 1. Dr.Web Web Mobile Security demo usage terms are governed by the rules of demo use. 2. No Dr.Web Mobile Security demo request form exists on the Doctor Web site. 3. Users can request a free demo directly from their device by downloading the program and registering. 4. A demo license serial number isn t sent to the user; a Dr.Web key file is downloaded and installed into the correct directory automatically. 5. The term of a demo license is 14 days; it begins the moment the demo is requested. 6. Customers receive a Shareware demo license i.e., comprehensive protection. 7. The demo for the Light version offers users a limited introduction to the product because it includes only one protection component the Anti-virus. Customers shouldn t be introduced to the Light version of the product first, because they won t be able to test the functionality of all the Dr.Web protection components. 8. After the demo period, the program stops working. To continue using Dr.Web after the demo period is over, a commercial license must be purchased. 6

7 Discount policy No discounts are available for this product. Renewal 1. If a customer chooses Dr.Web Mobile Security to renew the term of their license, the renewal is processed without a discount in other words, the customer must purchase a new Dr.Web Mobile Security license at full price in order to continue using the Dr.Web product. 2. If a customer switches from Dr.Web Mobile Security to Dr.Web Security Space or Dr.Web Anti-virus by purchasing a new license (without a discount), that customer is entitled to renew their Dr.Web Security Space license at the discount that is applicable to this product starting from the second year of use: 1 year 2 years 3 years 40% 41% 42% Benefits for customers who switch from Dr.Web Mobile Security to Dr.Web Security Space or Dr.Web Anti-virus 1. Renewal discounts every year (from the second year of use). 2. Protection for PCs running Windows, Mac OS X or Linux. 3. Free mobile device protection. Renewal types A customer can renew the term of a Dr.Web Mobile Security license in two ways: by purchasing an e-license or a Dr.Web boxed product (a new license at full price). Dr.Web e-licenses Product Dr.Web Security Space Dr.Web Anti-virus Dr.Web Mobile Security Dr.Web boxed products Dr.Web Security Space Dr.Web Anti-virus Gift* License to protect a quantity of mobile devices that is equal in number to the quantity of protected PCs 2 licenses for mobile device protection * Except in cases when a Dr.Web Mobile Security license has been purchased. Renewal reminder 1. Doctor Web provides a system for communicating with the customer about the service while the license is valid. 2. Communication is carried out via . Newsletter templates do not offer customers the opportunity to unsubscribe. 3. If the partner (Actual Supplier) is known, the partner s contact information (taken from their card on the Doctor Web Partners Portal) will be enclosed. 7

8 4. Commercial license renewal reminders are sent to Dr.Web Mobile Security customer addresses 30 days before a license expires and on the day it expires, or 20 and 40 days after a license expires i.e., several attempts are made to win back a customer who hasn t renewed their license. The texts of the messages sent can be found in the Messages service in My Dr.Web Portal. 5. Demo license renewal reminders are sent on the day of the demo request and 10 and 13 days after the demo was given. 6. Information about OEM license reminders can be found below in the corresponding section. Additional purchase (license expansion) Additional purchase is available without any discount. If a customer wants to protect additional mobile devices, they must purchase the needed number of new licenses at full price. Doctor Web s policy on pirated licenses 1. Doctor Web Ltd. monitors sales and tracks evidence of illegal (pirated) license use, blocking pirated licenses in accordance with company policy. 2. Dr.Web Mobile Security customers are entitled to use the one-time option to restore their license via the Licenses service in My Dr.Web Portal or via the support service. VI. Dr.Web OEM Mobile This product is available to customers free of charge. The sale of Dr.Web OEM licenses is forbidden. Delivery versions E-licenses 3 months Scratch cards 3 or 6 months Advantages of Dr.Web OEM Mobile The activation term is unlimited. Free mobile device protection. A license can be transferred to another mobile device in the event of damage or loss. Protection for three OSs of the user s choice. 40% discount for one year if the OEM license is renewed for Dr.Web Security Space (from 1 to 5 PCs). An OEM license can always be renewed regardless of when it expired. OEM license renewal The methods for renewing OEM licenses are similar to those used to renew Dr.Web Mobile Security demo and commercial licenses. Renewal via the Lead Generator Only for co-branding supplies 1. Even if a partner doesn t have access to the Serial Number Generator (SNG), an OEM license can be renewed, bypassing the SNG. This can be done directly in the customer s lead in the Lead Generator, in the OEM Mobile thread. 8

9 2. In this thread, leads are generated after the customer submits a renewal request via the Renewal Wizard. If the supply of OEM licenses was co-branded, these leads are automatically assigned to a partner the OEM supplier. 3. To generate a renewal license, Renew license must be selected in the client s lead. Promo license renewal service Only for co-branded supplies 1. The customer is offered the opportunity to purchase a new license for Dr.Web Security Space at the full price and get six bonus months instead of the standard five (which is the equivalent of a 40% discount for one year). 2. The promo license renewal service can be found at To use the service, enter the serial number of the client s OEM license into the web form and click Renew. 3. All serial numbers renewed through this web form end up in the partner s report, even if the partner doesn t have access to an SNG. 4. Service limitation: such a renewal is possible only for one year. RenewOEMania 1. RenewOEMania is a programme designed to encourage customers, who did not renew their OEM license before it expired, to renew. 2. To win back this category of customer, depending on how long it has been since the OEM license expired, a bonus term of two to four months is offered in addition to the standard renewal bonus. 3. Customers are made aware of bonuses via . If the Actual Supplier of an OEM license is known (i.e., the supply was co-branded), the will include the partner s contact information which is taken from the partner s card at Doctor Web Partners Portal. 4. The programme for Dr.Web OEM Mobile has been active since June Programme statistics. 9

10 VII. Sales support Dr.Web OEM license co-branding 1. Co-branding is delivered through the following types of sales support for partners the suppliers of OEM licenses: All licenses activated by customers are assigned to a partner, thus protecting future renewals; The partner s contact information is placed in the user s My Dr.Web Portal and in the service letters sent to the user; A banner containing the partner s logo is placed in My Dr.Web Portal; Printed booklets and scratch cards include the partner s logo; 10

11 Links included in renewal reminders will lead to the Renewal Wizard; once submitted, user renewal requests end up in the partner s Lead Generator. 2. The form to be used to order co-branded OEM cards: 3. The co-branding of e-licenses must be coordinated with Doctor Web s supervising manager via the partner support form. Doctor Web, , Russia, Moscow, 3d street Yamskogo polya 2-12A Phone: +7 (495) , +7 (495) (support) Fax: +7 (495)