In-App Protection and Security for Mobile Apps

Mobile apps are vulnerable!

Cybercriminals are targeting the mobile channel more aggressively than ever before, and app developers must take a proactive approach to app security to combat this new aggression. The amount of mobile malware attacking users of mobile devices is increasing rapidly each year. At the same time, malicious apps continue to be distributed on third-party app stores and frequently slip under the radar on the official app stores.

Tackling the multi-faceted challenge of developing a successful mobile app is no easy feat, and developers must contend with pressures from every direction. It is imperative to get an app built, tested, and published as quickly as possible. However, in the rush to market, app protection cannot be overlooked.

  • "75% of mobile applications would fail basic security tests." - GARTNER

Common security threats to your mobile apps

CREDENTIAL HARVESTING

Attackers can alter the authentication mechanisms of your app to phish user credentials. Invaders can also falsify the user interface of your app and convince your end-users to give away passwords unsuspectingly.

MAN-IN-THE-MIDDLE (MiTM) ATTACKS

Data in motion is the data that flows from your mobile app to the server and back. Attackers can easily intercept it, redirect their victims’ data to their own device and eavesdrop on the communication, performing a Man-in-the-Middle (MiTM) attack.

MOBILE MALWARE

Mobile malware attacks are booming, and cybercriminals are increasingly turning their attention to attacking smartphones and apps with credential-stealing malware. 

CIRCUMVENTION OF SECURITY MECHANISMS

Security mechanisms in your app can be disabled, changed, or even removed.

FINANCIAL FRAUD

Attackers can tamper with the payment modules in the app or carry out attacks designed to capture a user’s login credentials as they naturally input them into the phone.

EXTRACTION OF KEYS & SECRETS

API keys and other secrets poorly hidden inside mobile apps are a common source of mobile insecurity. Attackers look not only at what is sent across the network but also at the app itself and what they receive in their own copy of the app.

APP REPACKAGING AND CLONING

Repackaged apps are usually infected versions of popular apps. An attacker can download a popular Android app, obtain the code using reverse engineering, add their own (often malicious) code to it, and then repackage and release the app.

APP PIRACY AND IP THEFT

App piracy is a massive problem, and has been for some time. A common pathway to piracy is reverse engineering – unpacking an app’s compiled code in order to obtain its source code.

COMPROMISED DEVICES

There are two types of compromised devices: “Jailbroken” Apple iOS devices and “Rooted” Android devices. Some of the most widespread mobile malware (e.g. BankBot) is equipped with rootkits. A rootkit is malicious software designed to enable access to a device or an area of its software that is not otherwise allowed.

APP TAMPERING

Attackers can tamper with or install a backdoor in your app, re-sign it and publish the malicious version to third-party app marketplaces. Such attacks typically target popular apps and financial apps.

In-App Protection is crucial to preserve and improve your business reputation!

These attacks can have devastating consequences. User data can be stolen, putting businesses at risk of regulatory compliance violations and bad publicity. Financial fraud can be committed, resulting in lost revenue. And, of course, there’s the loss of customer and shareholder trust, all of which eventually affect brand reputation. If the attack goes on long enough, a business could sustain irreparable damage.

Comprehensive In-App Protection

PROTECT

Impede attackers’ attempts to reverse-engineer and modify your app. Promon SHIELD™ makes it more difficult for attackers to spoof your app, tamper with its security controls or perform other nefarious activities.

  • Obfuscation
  • App binding
  • Repackaging detection
  • App communication
  • TLS certificate pinning
  • Client authentication using a client-certificate
  • Identifying the app/device as an authentication factor
  • Store data encrypted inside the app
  • Binding the data to be encrypted to the device
  • Whitebox cryptography (additional feature)

DETECT

Monitor your mobile app’s runtime behavior. Detect whether the app is executing in an insecure environment such as on a rooted (Android) or jailbroken (iOS) device. Mitigate the risks of overlay attacks, debuggers, emulators, and other means by which attackers examine, penetrate, and compromise a mobile app.

  • Ensure app is running in safe environment
  • Debugger detection
  • Jailbreak / Root detection
  • Emulator detection
  • Ensure app is not altered or tampered with (e.g. by malware) at runtime
  • Checksum
  • Overlay Detection
  • Resource verification
  • Hook detection

REACT

Upon detecting malicious activity, an app protected by Promon SHIELD™ will modify its behavior in real time to interrupt potential attacks. Response actions include blocking execution of injected code, notifying security administrators, and terminating the infected app to stop the execution of a compromised app.

  • Integrity checking
  • Custom reactions
  • Screenshot detection / blocking
  • Anti keylogging
  • Anti screenreading
  • Alert / reporting
  • Blocking external screens
  • Prevent brute force decryption of sensitive information

Easy deployment!

You can easily turn your apps into self-protecting apps. Your Android or iOS apps can be quickly uploaded and secured in minutes by using our integration tool, or an SDK that is easily integrated into the app. Once secured, the app is immediately ready for distribution via public app stores.
