DevSecOps Testing Android, iOS Apps Using Perfecto

Learn how to test Runtime Application Self Protecting (RASP) Protected and obfuscated Android & iOS Apps using Perfecto’s mobile testing suite. Appdome is 100% compatible with all leading mobile application test automation solutions. Automated testing of secured Android and iOS app helps developers and others rapidly deploy comprehensive mobile app security and fraud prevention with DevSecOps speed and agility.

DevSecOps Testing with Perfecto | Secured Android, iOS Apps

This knowledge base article covers the steps needed to test Appdome secured Android & iOS mobile apps using Perfecto’s mobile test automation suite.

Secure the App Using Appdome

  • First, build your Android app with Appdome’s no-code mobile app security and/or fraud prevention protections.
  • For Android apps, make sure that the “Detect Developer Options” is NOT enabled on Appdome (Android Developer Options are required in order to use Perfecto’s testing platform).

 

appdome detect android developer options

 

  • In order to use Perfecto, it is recommended that you enable Appdome Threat Events for Anti-Tampering, as shown below:

 

anti-tampering appdome oneshield

 

Testing the Appdome-Secured App Using Perfecto

  • Go to https://perfecto.io and from the top menu select Logins->Mobile Cloud Log-in
  • Enter your login credentials and log-in.
  • Select ACCOUNT SETUP

 

perfecto.mobile.automation.testing.1

 

  • On the top, go to the PRIVATE tab.

 

perfecto.mobile.automation.testing screens

 

  • Click “Upload file” and upload your test app.
  • From the top menu select Manual Testing

 

perfecto.mobile.automation.testing.android

 

  • Select the device you want to run your test on. Double click on the device to select it.

 

perfecto.mobile.automation.testing.android

 

  • After opening the chosen device, click the Apps icon and select +INSTALL NEW

 

perfecto.mobile.automation.testing.android

 

  • Select the app you previously uploaded, check “Launch after installing”, then click NEXT and INSTALL APP

 

perfecto.mobile.automation.testing.android

 

  • Run your test manually. You can view the phone’s logs by clicking the Logs icon.

 

perfecto.mobile.automation.testing.android

 

Testing Secured iOS Apps using Perfecto 

Follow these steps to test an Appdome-secured iOS app with Perfecto Mobile test automation suite.

  • Build your iOS app with Appdome’s no-code mobile app security and/or fraud prevention protections.
  • In order to use Perfecto, it is recommended that you build your app using Appdome Threat Events for Anti-Tampering, as shown below:

anti-tampering appdome oneshield

 

  • Go to https://perfecto.io and from the top menu select Logins->Mobile Cloud Login
  • Enter your login credentials and log-in.
  • Select ACCOUNT SETUP.

 

perfecto.mobile.automation.testing.1

 

  • On the top, go to the PRIVATE tab.

 

perfecto.mobile.automation.testing screens

  • Press “Upload file” and upload your test app.
  • From the top menu select Manual Testing

 

perfecto.mobile.automation.testing

 

  • Select the device you want to run your test on. Double-click to select the device.

 

perfecto.mobile.automation.testing

 

  • After opening the chosen device, press the Apps icon and select +INSTALL NEW

 

perfecto.mobile.automation.testing

 

  • Select the app you previously uploaded, then in the CONFIGURE APP tab, check “Resign application” and uncheck “Launch after installing”, then click INSTALL APP.

 

perfecto.mobile.automation.testing

 

  • Wait for the installation to complete. Then Launch your test app and run your test manually.
  • You can view the mobile device logs by pressing the Logs icon:

 

perfecto.mobile.automation.testing

Troubleshooting Tips

If you see the message such as: “Application has violated security policies and it will be shut down”, this means that (1) techniques such as emulators, tampering, or reverse engineering are present, and (2) the Fusion Set does not contain Appdome Threat-Events. This is likely because the user is running Perfecto in ’emulator testing’ mode, which Appdome protects against.

Perfecto can be used in one of two modes: emulator testing or manual testing.  Using Perfecto in “emulator mode” will trigger Appdome’s ONEShield app hardening protection.  Therefore you should use manual mode (ie: real mobile devices) to test Appdome-secured apps.

Also, you should avoid enabling Perfecto’s “Instrumentation” options, as this will also trigger Appdome’s protections.

Alan Bavosa

Have a question?

Ask an expert

PaulMaking your security project a success!