Another way to think about checksum verification is that checksum verification helps ensure the mobile app is what the user expected. If you’ve written your mobile app to take advantage of checksum verification, it greatly increases the difficulty of an attacker modifying your app successfully. For a bit more background on checksum verification, there is an interesting piece on Appleinsider: How to verify checksums when you download an app for your Mac.

How Appdome uses Checksum Verification

Appdome’s security features are only added to a mobile app by choice. When you build an app, we process a checksum of your app and the built code to ensure integrity. The checksum is encrypted and embedded into the final, built app. Furthermore, this checksum is calculated and used as an encryption key for the Appdome-built app, to apply a “seal” to the app. This process is called “checksum verification and sealing.”  When an Appdome-built app runs, the Appdome fusion adapter attached to the app checks to ensure that there is no mismatch in the checksum.  If there is, the fusion adapter will cause the app to exit.

Checksum Verification is part of ONEShield™, Appdome’s app shielding solution.

Thanks for reading! This blog is part of a series focused on Mobile Security Basics, which is appropriate for readers of any level looking to increase their overall mobile security knowledge.