When developers create a new APP and it becomes popular – there are hackers who want to get into the APP for one of several reasons
- The intellectual challenge of seeing how it works
- To understand how it works so they can create viruses or other malware that can attack it
- To find out if they can hijack the APP to do their bidding
An intellectual challenge isn’t threatening to others but the other reasons are criminal and it does happen that even APPS on APPLE and Android Pplay stores can be cheated by hackers and in some cases there has been a major loss of money and reputation as these problems come to light.
To prevent hackers getting into their APP, developers can use various coding techniques (called APP shielding), usually classified as
- Obfuscation and
- Integrity checks
APP shielding is important in many cases and especially with financial APPS.
App shielding is designed to prevent attackers from modifying your app during runtime or at rest, to protect your app’s memory, make app repackaging extremely complex, and provide additional protection against mobile malware.
What Can APP Shielding Do?
- Prevents and effectively stops the most common types of cyber attacks on mobile apps.
- Stop Mobile Malware
- Advanced obfuscation and integrity checks prevents the APP being reverse-engineered which can lead to it being repackaged and released on the app marketplace under a new name.
- Protect User Data
- Stop untrusted keyboards, malicious screen readers or screen recorders from stealing the sensitive data, as well as the data leakage via user or system screenshots.
Recent research shows that :-
- Of 1.7 million apps on the Google Play store, only 24.5% had any Code Protection.
- 86% of Malware is delivered through APPS that have been re-packaged.
These numbers are of concern as we trust downloads from Google Play store and APPLE but maybe we shouldn’t be so trusting.
Increasingly, developers tool kits will contain code for implementing APP shielding, so it should become common practice for APP developers.
If you have any experience with APP shielding, do let me know, by email.