Application Protection and Security for Mobile Apps

Add robust Mobile App Security without slowing the app development process.

Today, mobile apps are increasingly coming under malicious attack, and no one is immune.

As enterprises are launching more advanced, high-value apps on untrusted operating systems, one of the biggest blockers remains the security of their mobile apps.

Promon SHIELD™ makes it possible to launch effective and secure apps on untrusted devices, without risking data leakage and damage to end-user trust. 

Achieving mobile app security doesn’t have to be difficult or time-consuming. With Promon SHIELD™, your developer team can add protection to any mobile app for Android or iOS in minutes!

  • "75% of mobile breaches will be traced to mobile apps by 2017" - GARTNER

Common security threats to your mobile apps

Untrusted devices and Malicious apps

Untrusted devices

When a device is jailbroken/rooted, crucial security mechanisms like mandatory code signing and sandboxing are deactivated, thereby breaking the security foundation that apps can otherwise rely upon.

Since a jailbroken/rooted device is much more at risk of being compromised, it is important to know whether the device is jailbroken/rooted or not and protect the app itself.

Malicious apps

Malicious apps on mobile platforms are becoming more and more popular.

Since the vulnerabilities and exploits used for jailbroken/rooted devices are publicly available, malicious apps are likely to adopt these methods to gain extensive permissions and capabilities to compromise third-party apps.

On non-jailbroken/non-rooted devices, several methods are available to spyware, such as running as a keyboard or screen reader.

Our solution

Promon SHIELD™ performs detection on multiple levels ranging from well-known standard approaches to new deep-level heuristics that are targeted more towards detecting the essence of a jailbreak/root.

Repackaging of apps

Repackaging is a widely used practice to deploy Malware on Android devices. On Android, this is made possible since there are many distribution platforms apart from the official Google Play Store.

Apple also offers other ways to deploy apps, in the form of Ad Hoc and Enterprise deployment, where apps can, for example, be installed on a user’s device from a webpage without being reviewed by Apple.

Our solution

Promon SHIELD™ offers the possibility to detect when an app has been repackaged.

Safeguard your applications from repackaging attacks and avoid fake versions of your apps distributed in the app stores.

Runtime app tampering

In order to gain control of an app, attackers will often inject code into the app process to control it from within. This can, for example, be used to read decrypted SSL/TLS communication or to intercept user input, e.g. passwords.

Our solution

Promon SHIELD™ detects when a new library is injected into its process and prevents it from executing. Hence, the library injection (man-in-the-app) is blocked, while the app can securely continue to execute.

Protect your apps against Man-In-The-App scenarios and App tampering

User input leakage, Keyloggers and Screen readers

User input leakage

iOS automatically records user input in a so-called keyboard cache in order to improve its auto-correction feature. This can lead to sensitive information being accessible.


Android offers its users the possibility to install custom software keyboards. These keyboards naturally receive every input the user makes on them and can be used by an attacker as a keylogger.

Screenshots and screen readers

Apps often display sensitive information that should not be easily exfiltrated from the app. One easy way to extract information from an app is in the form of a screenshot or by a screen reader.

Our solution

Promon SHIELD™ prevents user input made in an app from being included in the keyboard cache. On Android, it maintains a whitelist of trusted software keyboards to determine if the keyboard in use is trustworthy. Promon SHIELD™ can also detect user-initiated screenshots and screen readers, and perform the necessary steps to make sure the exfiltration is reported.

Detect keyloggers, user-initiated screenshots and screen readers

Reverse engineering of apps


Debuggers can be used during runtime of the app to extract sensitive information, alter the program flow and help attackers reverse engineer the app.


As with debuggers, emulators can be used to analyse an app to determine how it works and to extract sensitive information that is available while the app is executed.

Our solution

In order to prevent these threats, Promon SHIELD™ can detect when a debugger is attached to the app and perform the necessary steps to ensure that the app’s security is not compromised. It can also detect when the app is executed in an emulator and initiate countermeasures.

Prevent attackers from extracting sensitive information from your mobile app

Overlay attacks

Overlay attacks permit an attacker to draw on top of other windows and apps running on the affected device, for example to steal credentials.

Our solution

Promon SHIELD™ detects and determines the heuristic probability of a foreground override attack. The supplied callback data contains this heuristic probability.

Detect and determine the heuristic probability of a foreground override attack.

Cloning of keys or unique identifiers

In many business cases it is critical to know on which device an app is being used. Once enrolled and activated, the app should only run on that particular device.

Mobile apps without security in place have limited power to protect their sensitive data, such as keys and unique identifiers.

Our solution

In order to prevent this threat, Promon SHIELD™ includes security measures such as a Device Binding feature that offers cloning protection. It also protects keys and unique identifiers with state-of-the-art white-box cryptography inside the app.

Hide keys and unique identifiers with White-box Cryptography inside the app.

Add multilayered security to solve these mobile app security issues

Promon SHIELD™ protects your apps from static analysis through encryption and obfuscation. Our technology makes sure the source code is unreadable to attackers who manage to decompile or disassemble the apps. This prevents the attacker from gaining insight into the structure of your apps, extracting or altering the code and exploiting vulnerabilities.

Promon SHIELD™ also detects and prevents dynamic analysis and real-time attacks. This is the category that GARTNER defines as Runtime Application Self-Protection (RASP) or Application Shielding.

Safeguard mobile apps against:

  • Reverse engineering/decompilation
  • Malware insertion
  • Spoofing of apps to access sensitive data
  • Intellectual property theft and piracy
  • Tampering with security controls or sensitive functions
  • Unauthorized access and fraud

Easy deployment!

You can easily turn your app into a self-protecting app. Your Android or iOS apps can be quickly uploaded and secured in minutes by using our integration tool, or an SDK that is easily integrated into the app. Once secured, the app is immediately ready for distribution via public app stores.

Product features


Protect against compromise

  • Code obfuscation
  • App binding
  • Repackaging detection
  • App communication
  • TLS certificate pinning
  • Client authentication using a client certificate
  • Identifying the app/device as an authentication factor
  • Store data encrypted inside the app
  • Binding the data to be encrypted to the device
  • Whitebox cryptography
  • App Management Solution
  • Trusted binding between a user, an app and the device
  • Making the app trusted without external security tokens
  • Registration / activation: securely pair the app / device with the user


Detect attacks at runtime

  • Ensure app is running in safe environment
  • Debugger detection
  • Jailbreak / Root detection
  • Emulator detection
  • Ensure app is not altered or tampered with (e.g. by malware) at runtime
  • Resource verification
  • Hook detection


React to ward off attacks

  • Shutdown (Exit / Fail)
  • Integrity checking
  • Custom reactions
  • Screenshot detection / blocking
  • Anti keylogging
  • Anti screenreading
  • Alert / reporting
  • Blocking external screens
  • Prevent brute force decryption of sensitive information