How to Test Secured Android Apps on Browserstack, Mobile DevSecOps Best Practices
Learn how to test Appdome-secured Android Apps by using Browserstack’s mobile testing suite. Appdome is 100% compatible with all leading mobile application test automation solutions used by DevSecOps teams. Automated testing of secured Android and iOS app helps developers and others rapidly deploy comprehensive mobile app security and fraud prevention with DevSecOps speed and agility.
This knowledge base article covers the steps needed to test Appdome-secured Android mobile apps by using BrowserStack mobile test automation suite.
Appdome works with all leading mobile automation testing solutions to help customers achieve comprehensive mobile app security at DevSecOps speed and agility, all within the app’s existing application lifecycle.
Use Appdome’s Build2Test service to test Android protected application on Browserstack for both Live and Automated testing.
Customers with an Appdome SRM license can use Appdome’s Build2Test service to quickly and easily test their Appdome-secured mobile apps by using Browserstack, without the need for different Fusion Sets. With Appdome’s Build2Test service, Appdome’s in-app defense model recognizes the unique signature of these testing services and allows for easy testing without issuing a security alert or forcing the app to exit, even if these services use tools such as Magisk or Frida. For details, see How to Use Appdome Mobile App Automation Testing.
Testing on Android Apps
Browserstack allows testing apps by using its App Live and App Automate features, which can both be used for testing Appdome secured mobile apps.
The following table describes which Appdome protection features may be triggered and the reason why:
Appdome Feature | Reason |
Root Prevention | Some of Browserstack devices are rooted |
Detect Developer Options | Required to interact with the device – therefore, turned on in Browserstack’s devices |
Block Android Debug Bridge (ADB) | Required to interact with the device |
Android MiTM Prevention | Browserstack uses a MiTM proxy |
Block Magisk | Magisk is installed on some of the rooted devices |
Prevent Keystroke Injection | Vendor uses adb command to enter text. screen |
Testing .aab Apps
Unlike .apk apps, .aab apps must be re-signed before installation.
To avoid triggering Appdome’s Anti Tampering protection as a result of the re-signing process, you can use either of the following options:
- Use Appdome’s Build2Test
- Convert the test .aab app into Universal.apk, by using the same key that was used for signing the .aab app, and use the Universal.apk file to test with Browserstack.
Live App testing – Android
- Log in to your BrowswerStack account. Alternatively, if you do not yet have an account, Create an account.
- Click the Let’s Go button in BrowserStack’s account page.
The website now displays a page with a list of iOS and Android devices you can test the app with. - Click App Live on the top of the page.
- Click Upload to upload your signed app build.
- After the app upload completes, select the device to be used for testing the app.
To do that, click the device type (in the example shown below, Google) and then the device model. The app will be automatically installed on the selected device and then launched.
Note:
In case of any issues with the app, you need to send the device logs to Appdome Support by following these steps:- Go to Build > Security on on Appdome.
- Enable(toggle On) the option Diagnostic Logs.
For details, see Knowledge Base article Appdome Diagnostic Logs for Troubleshooting Secured Apps.
- Go back to BrowserStack and re-run the steps used for uploading the app with the selected device.
- Click the Kill/Uninstall button on the running app.
- Select the options All Device Logs and Verbose.
- Clear the log under DEVTOOLS.
- On the device, open the app once more, getting to the point where the issue occurred (and take note of the time).
- Click Download at the top right-hand corner under DEVTOOLS.
- Set a name for the downloaded log, including the time the issue occurred.
- Sent the log by email to support@appdome.com, complete with details on the issue, device model, and OS version used in testing.
Automating App Testing on Android
BrowserStack-Specific Appium Capability | Reason |
networkLog | By default, BrowserStack re-signs the app to enable capturing network log. |
Related Articles:
- How to Use Appdome’s Build2Test Service
- How to Test Secured Android Apps on Lambdatest
- How to Test Secured iOS Apps on Lambdatest
- Test Appdome-secured Android Apps by Using SauceLabs
- Testing Secured iOS Apps by Using SauceLabs
- How to Test Secured Android Apps on BitBar
If you have any questions, please send them our way at support.appdome.com or via the chat window on the Appdome platform.
Thank you!
Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project.