With more and more people relying on their smartphones for banking, shopping, and accessing sensitive apps and data, fraudsters are finding new ways to exploit phone vulnerabilities to steal money and information. One common technique involves leveraging jailbroken phones to bypass security controls.

For businesses that deal with mobile transactions, jailbroken phones in the wrong hands can lead to fraudulent activity that damages their bottom line or compromises user data. Detecting jailbroken devices plays a crucial role in identifying and preventing mobile fraud, as these devices hold a higher potential for fraudulent activity despite their legitimate uses.

In this post, we'll explain what jailbreaking is, why detecting jailbroken devices matters for fraud prevention, the typical signs of a jailbroken phone, and methods you can use to see if a device accessing your app or service has elevated privileges that come with jailbreaking.

What is Jailbreaking?

Jailbreaking a phone refers to modifying the operating system, specifically on an iPhone, iPad, or other iOS device, to remove restrictions and allow additional functionality not approved by Apple. It provides root access to the iOS file system, letting users install apps, extensions, and themes unavailable on the official App Store. These elevated privileges give users more capabilities and make it easy to customize their devices, even in ways Apple would not permit.

The process typically requires exploiting security vulnerabilities in iOS to bypass its restrictions. This exploitation may impact security and stability, and jailbreaking voids the device's warranty since it breaks the user agreement with Apple. Apple frequently patches exploits used by jailbreakers in their iOS updates. As a result, jailbroken devices often stop working until the jailbreak community develops new tools, creating a continuous race between Apple and the jailbreak community.

Jailbreaking gives greater freedom and customization, which can be appealing to power users who want fuller control over their iOS devices. However, these extra capabilities come at the cost of less secure devices, allowing fraudsters to use them for fraudulent activity.

Reasons to Jailbreak a Device

Since jailbreaking a phone unlocks it from the manufacturer's restrictions, there are many practical reasons why someone might choose to jailbreak their phone:

Customization and Enhancements

A jailbroken phone gives the user complete control over its appearance and functionality. It allows them to tailor it to their style and preferences in ways not possible within Apple's restrictions. By jailbreaking their device, users can fundamentally customize the aesthetics and the underlying iOS behaviors. For example, users may make tweaks that improve battery efficiency or overall system speed. Or they may install themes, customize app icons, or change the colors.

Unlocking Network Restrictions

Cellular carriers often lock the phones they sell so they only work on their specific mobile network, also known as SIM locking. Some users jailbreak their phones to bypass the carrier lock restrictions coded into the firmware by the provider. Then, the phone can accept any carrier's SIM card and connect to alternative mobile networks. This freedom is helpful when traveling internationally, trying out a different operator's prices and coverage, or reselling a device on the secondhand market.

Access to Unauthorized Apps

Jailbreaking allows the installation of apps and software not available on the official App Store. These apps offer features that the App Store's policies reject, such as deep system customizations, certain emulators, or system utilities, providing otherwise restricted or unavailable functionalities.

Removing Pre-installed Software

Pre-installed applications, often called "bloatware," come on many phones and tablets, and the standard user interface does not allow their removal. These unwanted apps can consume an undesirable amount of the device's storage and memory, which can hinder the performance and longevity of the device. Jailbreaking allows users to uninstall any pre-loaded apps bundled by the manufacturer or cellular carrier.

The Drawbacks of Jailbreaking

While jailbreaking an iPhone or other iOS device can provide additional freedoms and customization options, it exposes users to new risks:

Security Vulnerabilities

The process of jailbreaking typically relies on exploiting software security vulnerabilities. By leveraging these flaws in pursuit of modification abilities, users remove the protections built into the operating system and open security holes. Devices become more susceptible to malware, spyware, and other malicious threats that could compromise the device and the user's data and privacy.

Voiding the Warranty

One of the immediate consequences of jailbreaking is that it voids the phone's factory warranty with Apple since it breaks the user agreements governing the phone. If the user jailbreaks the phone, the warranty will not cover or address any issues that arise, making repairs or replacements costly.

Disruption of Features

Certain jailbreak tweaks and customizations have the potential to damage the functioning of various apps, services, or features on the device. Stability issues may occur, leading to crashes and bugs, or users could fully "brick" their phones, making them completely unusable. This damage can happen if something goes wrong during jailbreaking or installing an incompatible tweak.

Upgrade Incompatibility

Apple often sends patches with iOS updates that fix security vulnerabilities, including those exploited for jailbreaking. Therefore, updating the device may remove the jailbreak capabilities, while avoiding updates can leave the device vulnerable to security flaws fixed in the newer versions.

How Fraudsters Use Jailbroken Devices

Fraudsters use their own jailbroken phones to conduct fraudulent activities by leveraging unrestricted access to the device's system. This access allows them to install and use tools and applications that are not available through the official app store. These apps can enable them to spoof their device's location to bypass geographic restrictions, modify device identifiers to evade detection and blocklisting by security systems and intercept or fabricate digital communications to conduct phishing or identity theft.

However, there is an equally concerning avenue of exploitation: targeting devices jailbroken by their owners for practical uses like personal customization or enhanced functionalities.

Bypass Phone Manufacturer Restrictions

Users jailbreak their phones to bypass Apple's restrictions, weakening the device's security framework. This diminished security allows fraudsters to exploit these vulnerabilities and install malware or malicious software without the user's knowledge. The malware can range from keyloggers that capture sensitive information like passwords and financial data to more sophisticated backdoors that give fraudsters complete control over the device. Additionally, the fraudster can use the user's contacts to facilitate the spreading of malware to other devices.

Clone apps and fake real applications

Beyond installing malware, fraudsters can leverage jailbroken devices to clone apps or create fake versions of legitimate banking or payment apps, tricking users into entering their credentials into a bogus interface designed to harvest sensitive information.

Execute Man-In-The-Middle Attacks

Additionally, fraudsters can use man-in-the-middle (MiTM) attacks to capture sensitive data and intercept and manipulate the communication between the user's device and external servers.

Detecting Jailbroken Devices

Given the risks associated with jailbroken devices, including a higher vulnerability to fraud and malware, businesses must identify when jailbroken phones are accessing their services. This detection allows businesses to safeguard their services, protect user data, and decrease the risk of fraudulent activities.

When a jailbroken device is detected, companies can make informed decisions on handling these users based on the use case, such as adding additional friction to complete specific actions.

The methods for detecting jailbroken devices encompass a variety of checks, such as scanning for unauthorized file system modifications, monitoring for unusual API usage that could indicate bypassing standard security measures, and verifying system integrity to detect any tampering with the operating system. These techniques help identify alterations typical of jailbroken devices, such as the presence of third-party app installers or modifications that grant apps elevated permissions.

However, implementing these detection mechanisms comes with its challenges. The dynamic nature of phone technology means that jailbreaking methods and tools constantly evolve, requiring businesses to update their detection algorithms frequently to keep up.

Jailbroken Device Detection with Fingerprint

Fingerprint's Device Intelligence Platform is a simple and effective way to detect jailbroken devices. Specifically, our Smart Signals provide a suite of browser and mobile indicators that can give insight into your users' intentions. Using the Jailbroken Device Detection Smart Signal, when a user visits your site from a mobile device, you can instantly know if they are using a jailbroken iOS device.

By leveraging jailbroken device detection and our other device intelligence signals like factory reset detection, Frida detection, and VPN detection, Fingerprint enables you to design tailored business logic ranging from inserting subtle friction to setting limitations to complete blocking actions from jailbroken devices. Thereby effectively helping you detect and mitigate potentially fraudulent activities.

We are constantly researching browser and mobile phone technology changes and innovating our algorithms to ensure we provide the most accurate and up-to-date information. Any threat assessment process can easily integrate the data from the Smart Signals via API to make more robust decisions.

Conclusion

Companies can preemptively uncover threats by incorporating jailbroken device detection measures into their existing fraud toolsets, potentially preventing fraudulent mobile activity. As mobile fraudsters become increasingly sophisticated, mobile defenses must similarly evolve.

Fingerprint provides a practical approach by seamlessly integrating 99.5% accurate device recognition and jailbroken device detection capabilities. We also offer Android tampering detection to identify rooted devices. This combination empowers businesses to protect their digital assets and mobile transactions while providing an optimal user experience.

Contact our sales team to learn more about how Fingerprint Smart Signals can help you prevent fraud, or start a free trial to see our jailbroken device detection in action.