AppProtect+ proactively protects mobile apps against various risks and attacks, allowing mobile apps to run securely even on highly infected devices. AppProtect+ also provide callback APIs to fulfill user demands, such as to collect and send the risks data to the server.
Comparing with the traditional Antivirus software, AppProtect+ can protect app without virus database update or internet connection; Comparing with the hardened app solution, AppProtect+ can prevent passive attacks (like reverse engineering, repackaging and source code modification), and respond by taking necessary measures to if real-time attacks are detected during app running. So fully protection is achieved.
Runtime App Self-Protection (RASP)
- AppProtect+ isolates applications from the runtime environment to proactively scan and protect mobile apps against malicious attack, allowing apps to run securely even on rooted/ jailbreak devices. For example, screen reader on Android devices and data theft (e.g. stealing of login credential) from entry through a non-reputable third-party keyboard, fulfilling real-time app protection needs.
- The uniqueness of AppProtect+ lies in the ability to detect risks even at the absence of an internet connection, different from traditional virus database matching mechanism. AppProtect+ can avoid possible risk caused by a desynchronized database.
Anti-reverse engineering & Anti-tampering
- Protect the APK from reverse engineering, debugging and cache attack by the tools like APK tool, dex2jar, and JEB. The uniqueness authentication technology will stop the APK running if any APK data tampering is reported.
- Prevent code-injection by White-box encryption technology, and then to block game app tampering, Hook attacks, attacks using system accessibility, fishing, transaction hijacking, data modification etc.
- Supports data encryption, check if the keyboard is trusted, block screenshot and memory data protection to prevent capturing/ hijacking/ tampering the app’s dynamic data and static data.
Client Management from Server
- With the callback function, the user can call the server APIs to collect the client data, and then set up policies based on those data to manage the client account and device access.