How to Implement Threat Event Handling in Android SDKs

Last updated July 18, 2024 by Appdome


In the development of Android SDKs, security is a paramount concern, especially when these SDKs are integrated into various applications. This article provides a detailed guide on how to implement threat event handling within an Android SDK (.aar file). It explores the necessary modifications to the AndroidManifest.xml to configure permissions and event listeners and demonstrate how to implement a BroadcastReceiver to handle specific threat events such as “AppIntegrityError” and “AppIsDebuggable” and more.

By following this setup, detected threats can be managed effectively, improving the SDK’s security and reliability when used in mobile applications. Additionally, integrating threat event handling not only addresses potential security issues but also enhances the SDK’s ability to protect against complex security threats in a constantly changing application environment.

Understanding Threat Events for SDKs

Threat events in the context of SDK Protect are specific security alerts related directly to the SDK’s operational integrity and security. For instance, Appdome uses notification methods to pass these events from its layer back to the SDK. As a result, the SDK can take appropriate actions in response to malicious activities detected by Appdome, improving its capability to protect itself without directly involving the host application.

Step 1: Configure AndroidManifest.xml

To set up your SDK for threat event handling, start with the AndroidManifest.xml. This configuration file needs to declare the necessary permissions and specify the BroadcastReceiver that will listen for these threat events.

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="">
    <uses-permission android:name="android.permission.INTERNET" />

        <meta-data android:name="ThreatEventReceiver" android:value="<app_bundle_id>.SdkEventListener" />
        <meta-data android:name="ThreatEventNames" android:value="AppIntegrityError,AppIsDebuggable" />

Replace <app_bundle_id>.SdkEventListener with the actual package and class name of your event listener.

Step 2: Implement the SdkEventListener

Create a SdkEventListener Class that extends BroadcastReceiver. This class will process the threat events as they are broadcasted by the system.


public class SdkEventListener extends BroadcastReceiver {
    SdkEventListener() {
        Log.i("tag: SdkEventListener", "msg: created");

    public void onReceive(Context context, Intent intent) {
        Log.i("tag: SdkEventListener", "msg: received event intent: " + intent.toString());
        Bundle bundle = intent.getExtras();
        Set<String> keys = bundle.keySet();
        for (String key : keys) {
            Object value = bundle.get(key);
            if (value.toString() == "AppIntegrityError") {
                Log.i("tag: SdkEventListener", "msg: AppIntegrityError event handling");
            } else if (value.toString() == "AppIsDebuggable") {
                Log.i("tag: SdkEventListener", "msg: AppIsDebuggable event handling");

This code snippet logs the creation of the BroadcastReceiver instance and processes incoming intents to handle defined threat events.

By configuring the SDK in this manner, you facilitate Appdome to listen for the defined threat events. When such events are detected, Appdome can trigger threat event notifications to the SDK via the specified BroadcastReceiver, allowing for immediate and automated handling of these threats. This integration not only enhances the security features of the SDK but also automates the response process, reducing the manual overhead in monitoring and responding to security issues.

This setup empowers SDK developers to leverage advanced security automation tools provided by Appdome, enhancing the SDK’s ability to protect itself and the applications it serves from emerging security threats.


Related Articles:

How Do I Learn More?

If you have any questions, please send them our way at or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project.


Want a Demo?

SDK Security Integration

TomWe're here to help
We'll get back to you in 24 hours to schedule your demo.