A Mobile Security Vendor was looking for ways to identify and implement a solution that would provide safe Web Browsing protection from compromised and malicious websites for users of the Company’s flagship mobile security offering. Additionally, provide parental controls web filtering to enable users to block access to porn and other websites with inappropriate content.
Client Profile
Leading mobile security vendor with over 5 million users (“Solution Provider”)
Industry
Mobile Security
Deployment Requirement
zvelo cloud-based implementation with zero-hour malicious and phishing website protection, combined with fast query performance.
“We required a solution that provided zero-hour or quicker detection and protection for our users from malicious and phishing websites, particularly websites targeting mobile users, to help differentiate our mobile security offering, as well as the ability to scale to support our rapid growth.”
– VP of Technical Services, Mobile Security Vendor
The Challenge
The Mobile Security Vendor was looking for ways to differentiate its smartphone security offering by adding Web browsing protection against compromised and malicious websites, as well as the ability to provide web filtering/blocking for porn and other websites which were inappropriate. As the mobile security vendor’s user base expanded into a number of international markets, there was also a need to provide support for a number of major languages in its key European, Asian and America’s markets. Importantly, the vendor was looking for a solution that provided zero-minute malicious protection for mobile websites, a cloud-based deployment option and a pricing structure that mirrored their business model.
With the increasing amount of malware and web threats targeting mobile users, the Mobile Security Vendor identified the need for significantly boosting protection for its users from malware and web-based threats targeting Android and iPhone devices by mobile apps and malicious websites.
| The Mobile Security Vendor identified a number of objectives to provide a safer Web experience for its users: | |||
|---|---|---|---|
| Malicious website protection – the primary objective was to provide up-to-the-minute protection against compromised and malicious websites, particularly those threats targeting mobile smartphone users, including sites hosting spyware, malware, botnets, phishing, fraud and other exploits. | |||
| Web filtering – an additional objective was to provide a web filtering offering, positioned as a parental controls service, that enabled blocking of porn, sex, violence and other inappropriate content, as well as the ability to block streaming video, social networking and other high bandwidth-intensive websites. | |||
| International language support – due to the Mobile Security Vendor’s tremendous success and growth in international markets, coverage and dynamic, auto-categorization support of websites was required for the major languages in the Asian, European and Americas markets. | |||
| Cloud deployment with fast URL query performance – the mobile security vendor required a cloud-based deployment with less than 100 millisecond URL query look-up performance for its users across its international markets, with a small cache of frequently/recently-queried URLs maintained on the smartphone to further optimize performance. | |||
| Scalability – the mobile security vendor required a solution that could accommodate significant numbers of users in the initial launch, as well as scale to support the rapid growth projected by the Mobile Security Vendor for new users and higher adoption rates. | |||
| Flexible pricing model – the mobile security vendor required a pricing structure that mirrored its business model for its user pricing across the various international markets for both its basic offering and premium offerings. | |||
With these objectives and requirements in mind, the Mobile Security Vendor identified the need for a partner that could provide the technical solution, as well as expertise and a successful track record in the mobile marketplace.
“We recognized that a successful relationship would require a partner that could not only address our technical requirements, but who was equally committed to the business relationship and could provide us with the confidence we needed that they would be a responsive and flexible business partner in the mid- and long-term as well. We were breaking new ground with this offering and bringing a completely new service to the market and we needed a partner who was up for the challenge.”
– VP of Business Development, Mobile Security Vendor
The Evaluation
The Mobile Security Vendor conducted an initial high-level evaluation of the coverage and protection of several URL databases before identifying zvelo for a comprehensive evaluation of the malicious coverage, zero-hour malicious and phishing detection, performance, dynamic categorization, miscategorization response handling and time frames, international language support and several other criteria.
| The evaluation criteria included: | |||
|---|---|---|---|
| Malicious and Phishing Detection – an evaluation of zvelo coverage and detection abilities of malicious or phishing URLs, particularly for new mobile/smartphone-oriented sites, was performed, using a range of proprietary and third-party feeds and URLs. Specific tests were also performed that evaluated the speed at which zvelo detected new malicious websites, as well as the speed at which zvelo detected that previously compromised websites had been cleaned or removed. | |||
| Coverage – an evaluation of the zveloDB® compared with the Alexa™ global top 100,000 list was conducted. Additionally, a coverage test was conducted for specific Asian, European and Latin American countries, in which a comparison of the Alexa top 25,000 list for these markets was performed. | |||
| Accuracy – an evaluation of zveloDB’s accuracy was conducted, with an in-depth analysis of over 5,000 URLs collected from actual user traffic. | |||
| Performance – an evaluation of the URL query performance for the zvelo cloud was conducted for users in Asia, Europe and Americas to ensure satisfactory response times. | |||
| Miscat response time – an evaluation of zvelo’s ability and timeliness for handling miscategorized URLs was conducted by submitting miscategorized (aka “false positive”) URLs to zvelo and measuring the time it took zvelo to research and correct a miscategorized URL, as well as the support for an automated user submission process for miscats. | |||
| Category Mapping for Parental Controls – the Mobile Security Vendor evaluated the zvelo ability to provide the required “parental controls” category set by testing a range of URLs for proper category responses. | |||
“We really put zvelo and the zveloDB through its paces in the testing. It was critical that zveloDB have the ability to quickly detect new malicious and compromised websites, as well as the ability to identify when these websites were no longer hosting malware. These were key points to our business model and zvelo really stood up to the test. They have been extremely responsive throughout the entire process and we couldn’t be happier with a business partner.”
– Chief Operating Officer, Mobile Security Vendor
Following the extensive evaluation, the Mobile Security Vendor and zvelo agreed to a partnership for the integration and deployment of the zveloDB offering in the mobile security vendor’s smartphone security offering to provide protection against compromised and malicious websites, as well as the underlying database and categorization services for the mobile security vendor’s parental controls offering. The Mobile Security Vendor’s implementation included real-time lookups to the zvelo cloud, which provides coverage and real-time automated categorization and malicious inspection of new ActiveWeb* sites visited by the collective community of all of users of the zvelo customer base.
Mobile Security Vendor’s Smartphone Security Offering in Action
The Mobile Security Vendor introduced the feature to provide browsing security to its smartphone security users and immediately saw a rapid adoption rate across its markets, as well as an increase in users upgrading to premium service packages for the parental controls offering. The heightened awareness of threats posed by malicious websites, mobile Apps and headlines of Android and iPhone attacks are also adding to the increased demand and adoption of the Mobile Security Vendor’s offerings.
Upon enabling the new features or services, the URLs being accessed by any of the Mobile Security Vendor’s users are queried to zvelo. If the URL is identified as one of several malicious or compromised categories, the user is blocked from accessing the site. If the URL is identified as being in a category other than malicious, the user’s access to the site is allowed or blocked based on the parental controls filtering policies.
Finally, if the URL is a new, previously uncategorized website, (e.g. www.newwebsite.com), and the URL is not found in the above-mentioned query process, the URL is immediately processed by the zvelo to determine the appropriate category (up to 3 categories) and to identify if the website is infected, compromised or contains any type of threat. The www.newwebsite.com URL and its categories are then added to the zveloDB and available for any subsequent queries for the community of users across all of the zvelo customer base.
zvelo’s ability to harness the collective web activity of all of the users of the zvelo customer base provides the basis for the extremely high coverage of the ActiveWeb* and malicious, phishing and objectionable websites. Each additional user increases the breadth of ActiveWeb sites visited and categorized, thereby further increasing the coverage and malicious website detection for all of the collective users.
Ease of Integration, Fast Performance & Scalability
Key requirements for the Mobile Security Vendor included ease of integration of the zveloDB, as well as very fast URL query performance. With the zvelo cloud implementation option, the Mobile Security Vendor simply needed to integrate the lightweight zvelo API into its smartphone security offering. With zvelo’s global network of fully-load balanced and redundant data centers, zvelo is able to route URL queries to the data center which provides the fastest query performance, ensuring that URL queries to the zvelo are consistently performed in 50-80 milliseconds or less. Additionally, the Mobile Security Vendor required the ability to add millions of users at the time of the launch and to support rapid growth as new users were added. With zvelo’s virtualized environment, zvelo was able to quickly scale the capacity to support the initial launch and significant ongoing growth.
“The zvelo API was simple and very easy to implement. It provides the flexibility and performance we need for users across all of our target markets. And zvelo has surpassed our expectations for supporting our very rapid rollout and ramp of users. As our user base and adoption rate for the web protection services has increased, we have continued to experience excellent URL query performance.”
– VP of Technical Services, Mobile Security Vendor
Benefits of zveloDB®
The zveloDB’s 99.99% coverage of the ActiveWeb, combined with zvelo’s real-time categorization for new websites, provided excellent website coverage and accuracy for the Mobile Security Vendor’s smartphone users, while zvelo’s malicious and phishing website detection capabilities provided zero-hour (and faster) protection against threats posed to mobile users by mobile apps, malicious websites and other web-based threats. The speed at which the OEM Partner was able to integrate the zvelo allowed for an extensive testing period.
The Results
The Mobile Security Vendor experienced immediate success for its smartphone web protection and filtering services, across all of its international markets.
“zvelo has been an excellent partner – with the right technology at the right time, supported by a corporate culture committed to the success of its partners.”
– VP of Business Development, Solution Provider
*ActiveWeb – those websites visited by actual users.
