Application Protection and Security for Mobile Apps
What are the risks involved when releasing an app?
Unfortunately, not everyone who downloads your app has good intentions. In fact, some people have decidedly malicious intentions, and you won’t know that your app is in harm’s way until the damage is done. Public app stores are a veritable playground for attackers!
By starting with a debugger, attackers can reverse engineer virtually any app they download from a public app store. This allows attackers to determine how an application runs and do any number of things to wreak havoc.
For example, they can insert code into the application that enables them to steal user credentials, and then trick users into downloading and installing the modified version.
"75% of mobile applications would fail basic security tests." - GARTNER
Common security threats to your mobile apps
Some users compromise their devices on purpose in order to gain additional capabilities, like installing unauthorized apps. This is a popular occurrence on mobile platforms.
When a device is jailbroken/rooted, crucial security mechanisms like mandatory code signing and sandboxing are deactivated. They thereby break the security foundation on which apps otherwise can rely upon.
REPACKAGING OF APPS
Repackaging an app means that an attacker obtains a copy of the app from the distribution platform (Google Play Store or App Store), adds malicious functionality to it, and then re-distributes it to users who believe that they are using a legitimate app or the original app
In order to gain control of an app, attackers will often inject code into the app process to control it from within. This can, for example, be used to read decrypted SSL/TLS communication or to intercept user input, e.g. passwords.
KEYLOGGERS & SCREEN READERS
iOS automatically records user input in a so-called keyboard cache in order to improve its auto-correction feature. This can lead to sensitive information being accessible.
Android offers its users the possibility to install custom software keyboards. These keyboards are naturally being informed about every input the user makes on it and can be used by an attacker as a keylogger.
Apps often display sensitive information that should not be easily ex-filtrated from the app. One easy way to extract information from an app is in the form of a screenshot or by a screen reader.
Debuggers can be used during runtime of the app to extract sensitive information, alter the program flow and help attackers reverse engineer the app.
As with debuggers, emulators can be used to analyze an app to determine how it works and to extract sensitive information that is available while the app is executed.
An overlay attack happens when an attacker places a window over a legitimate application on the device.
Users will interact with the window, thinking they are performing their intended function, but they are actually engaging with the attackers overlay window and executing the attacker’s desired function.
App Shielding is crucial to preserve and improve your business reputation!
These attacks can have devastating consequences. User data can be stolen, putting businesses at risk of regulatory compliance violations and bad publicity. Financial fraud can be committed, resulting in lost revenue. And, of course, there’s the loss of customer and shareholder trust, all having the eventual impact of brand reputation. If the attack goes on long enough, a business could sustain irreparable damage.
You can easily turn your apps into a self-protecting app. Your Android or iOS apps can be quickly uploaded and secured in minutes by using our integration tool, or an SDK that is easily integrated into the app. Once secured, the app is immediately ready for distribution via public app stores.