What Is It?
App Shielding is a set of technologies to secure an app at runtime, allowing detection of modifications, tampering and use of the tools associated with reverse engineering or dynamic analysis.
- Protect against all forms of app tampering, including fake apps
- Control what devices your app can run on, including banning of emulators and simulators
- Optionally block apps running on jailbroken or rooted devices
- Detect and ban known hacking tools and frameworks
Approov performs advanced runtime memory analysis to verify the integrity of the app and the environment in which it is running. Collected measurements are analyzed in real time by our cloud service which performs the verification. By offloading this analysis into the cloud, Approov can provide stronger and more flexible defense than solutions that only harden the app.
App Tamper Detection
Approov's analysis ensures your untampered official app is present. This prevents unofficial app modifications and gives you complete control over which specific versions of your app are accepted. Scripts will never be able to spoof traffic as if it were coming from your real app.
The app tamper analysis provides a positive verification that your app is present. This prevents repackaging modification and fake app attacks, ensuring you are fully in control of which apps can be used to access your backend API resources.
Jailbreak and Root Detection
Detects if your app is running on a jailbroken iOS device or a rooted Android device. Such devices pose considerable extra risk, as enhanced privileges allow more advanced hacking tools to run that compromise your app’s sandbox. Such devices may allow data theft from your app or interference with its operation. Approov provides advanced Android Magisk detection, even when Magisk is fully cloaked.
Detect any attempt to connect a debugger to your running app, using a variety of detection techniques and defenses. This removes the risk of data exfiltration and malicious manipulation.
Real users of your app won’t be using an emulator. Hackers will because it allows easier manipulation of the environment, including the underlying operating system. Approov employs various techniques to detect if the app is running in such a risky environment.
Hacking Framework Detection
There are a wide range of reverse engineering and function hooking tools available for both iOS and Android. Approov has a wide range of detections for these, detecting Frida, Xposed, Cydia and others. Approov also has defenses against memory dumping approaches.
Cloner App Detection
There are a large number of cloner apps for Android, enabling the running of multiple instances of your app on a single device. Cloner apps are extremely dangerous from a security perspective since they fundamentally undermine Android sandbox security guarantees, allowing attacks from the cloner app itself or between apps installed in the same cloner.