Mobile App Shielding | App Protection

YESsafe AppProtect+ Video

Product Introduction

YESsafe AppProtect+ detects and protects the mobile app from threats, such as reverse-engineering, tampering, code-injection and more. In an insecure OS environment, apps integrated with YESsafe AppProtect+ have rooted and jailbreak detection mechanisms that allow a mobile app to operate securely without compromising the app’s integrity and confidentiality.

Protecting apps even in the absence of an internet connection or without an updated virus database, AppProtect+ protects mobile apps against static and dynamic attacks (e.g. repackaging, source code modification), and respond by taking necessary measures when real-time attacks are detected during runtime.

Moreover, AppProtect+ is EMVCo SBMP certified. An EMVCo certified app solution ensures that mobile apps can withstand real-time threats and attacks.

DOWNLOAD BROCHURE

Runtime App Self-Protection (RASP)

AppProtect+ isolates applications from the runtime environment to proactively scan and protect mobile apps against malicious attacks, allowing apps to run securely even on rooted/ jailbreak devices. E.g. upon detection of the presence of an untrusted screen reader, AppProtect+ blocks the screen reader from receiving data from the protected app.
The uniqueness of AppProtect+ lies in the ability to detect risks even in the absence of an internet connection. AppProtect+ can avoid possible risks caused by a desynchronized database.

Core Functions

App Shielding

Protect your app against static and dynamic attacks, preventing tampering, reverse engineering and malware attacks.
Detects and prevents real-time attacks. App shielding protects your app in any environment, including an untrusted environment.

Code Protection

Code obfuscation conceals the logic and purpose of an app’s code, making it harder for an attacker to find vulnerabilities and retrieve sensitive app data
Code hardening renders your code illegible without affecting its functionality, making the app more resistant to reverse engineering and app tampering, protecting against intellectual property theft, loss of revenue and possible reputational damage

App Data Protection

Secure Dynamic Data (SDD) – a security feature that enables the storage of sensitive app data (e.g. session tokens, API keys) locally on the end-user devices in a secure and encrypted manner, even on rooted/ jailbreak devices.
Secure Static Data (SSD) – Protects fixed assets inside your app, such as certificates and API keys. With SSD, assets are automatically encrypted during shielding and only decrypted at application runtime when needed by the application code.

App Scanning

Scans the app and provide the user with a report highlighting any weaknesses and vulnerability found for the user to review and improve on.
Checks the app’s vulnerability against of the latest list of software and hardware weaknesses database compiled by leading open-source security communities such as OWASP and CWE.

App Pulse+

Application threat alarm and analysis:

Real-time collection of security threats detected by the application and its operating environment.
Provides alarm information, including threat event type, device model, system version, time of occurrence, etc.
Historical information can be combined on a statistical dashboard for overall analysis.

Application data collection and analysis:

Collects data on user distribution, user participation, function usage, and performance indicators.
Helps application owners and enterprises understand the application usage status through customizable statistical reports and dashboards.
Enables monitoring of user dynamics to control the direction of business development and improve overall performance.

YESsafe AppProtect+ responds promptly to any risk detected on the client side. Fulfilling app protection, risk detection and respond actions requirements, providing the complete app protection cycle.