ONEShield™ No-Code Mobile RASP Explained
Protect mobile apps with App Integrity/Structure Scan, Code Obfuscation, Anti-Tampering, Detect Debugger Code Manipulations, Prevent Running on Simulators and Emulators, Checksum Validation, Anti-Debugging, Anti-Reversing, Obfuscate Built Services, and more.
This Knowledge Base article explains how you can use Appdome’s no-code mobile app hardening to fully protect and harden any mobile app without code or coding.
We hope you find it useful and enjoy using Appdome!
About ONEShield Mobile App Shielding/ App Hardening
ONEShield™ is Appdome’s advanced mobile app hardening features, among them anti-tampering, anti-debugging and anti-reversing protections, and other features — making Appdome the single most comprehensive solution to protect mobile apps.
The Appdome platform adds ONEShield™ to every app our customers build on appdome, so every app gets equipped with advanced mobile app hardening automatically! Whether you’re building Appdome Mobile Security Suite, EMM SDKs, or an Identity SDK, your app will automatically be protected with ONEShield advanced app shielding.
The app you are building on Appdome can be built with any native tool such as Xcode for iOS or Android Studio, or any other framework, including hybrid and cross-platform frameworks such as Xamarin, Cordova, React Native, and Flutter. ONEShield™ by Appdome supports only ARM 64-bit architectures.
Follow these step-by-step instructions to add ONEShield™ to Any Mobile App in seconds.
Upload a Mobile App to Your Account
- Click the Build tab.
- In the top menu, select any category (eg: Security, Management, Access, Identity, Mobile Threat, etc).
- (optional) switch on the feature and add any configuration or input requirements (if needed).
- Click Build My App.
ONEShield™ includes all of the following app hardening features:
Anti-Debugging will do the following, depending on the platform:
- iOS: Connecting a debugger will cause the debugging client (lldb) to halt.
- After a sufficient wait time, the debug session will terminate and the debugger with a crash.
- Attempting to attach to the process with a debugger, tracing tool or code injectors will result in the app misbehaving in random and unpredictable ways. The app will eventually terminate.
- Attempting to debug the Java Virtual Machine (JVM) using JDB (or anything that utilizes the JDWP protocol) will disconnect the debugger automatically.
Detect Debugger Code Manipulations – during the app run-time, Appdome actively detects and blocks any code manipulations performed by debuggers and other dynamic analysis tools. This includes blocking hooking frameworks and attack methods that include techniques like method hooking, function hooking, and API hooking.
Anti-Tampering – Protects against all of the following:
- Resigning the application
- Attempting to Modify the Appdome adapter
- Modifying the application’s executable
- Repackaging the app
Checksum Validation – Checksum validation calculates a cryptographic hash (a unique fingerprint of information, binary data, and assets), and validates the hash at runtime, detecting any modifications to the app, app resources, configuration elements, and more.
App Integrity and Structure Scan – App integrity and structure scan check the app’s composition, data structure, data elements, and communication paths to validate the integrity and authenticity of the app, as well as to detect elements within the app which that could be used as attack vectors (such as unknown or malicious URLs).
Appdome looks for weakening elements in the application such as malicious URLs.
- In iOS apps, the Anti-Reversing feature obfuscates selector references in the main executable (which prevents the cross-reference searches).
- In Android apps, the Anti-Reversing feature obfuscates all plaintext strings in DEX files
Obfuscate Built Services – Obfuscates Appdome’s code AND the new customer selected services added to the app during Fusion. In addition, the data embedded in Appdome’s code will be encrypted, to prevent common “recon” attacks (like searching for strings in the code).
*Note: 3rd party services will not be obfuscated. So for example, the code responsible forTOTALDataTM Encryption will be obfuscated, while for VMWare Workspace ONE (AirWatch) only the adapter code that glues the SDK to the application will be obfuscated, the VMWare Workspace ONE (AirWatch) code will remain as it is.
Prevent Running on Simulators – A common method for attackers to compromise mobile apps is to run the app on a simulator and observe the app’s behaviors and study how it functions in a running environment (a process called dynamic code analysis). Appdome detects when the app is running on a simulator and disconnects the app.
Prevent Running on Emulators – detects if the app is running on an emulator. Emulators can be used to reverse engineer, hack your application, and sniff its communications which makes it a security threat.
After you have made your selections, click Build My App and in about 20 – 40 seconds your app will be protected with ONEShield™.
After Adding ONEShield™ to a Mobile App on Appdome
After you have added ONEShield™ to any Mobile App on Appdome, there are a few additional steps needed to complete your mobile integration project.
Add Context™ to the Appdome-Built App
Appdome is a full-featured mobile integration platform. Within Context™, Appdome users can brand the app, including adding a favicon to denote the new service added to the app.
For more information on the range of options available in Context™, please read this knowledge base article.
Sign the Appdome-Built App (Required)
In order to deploy an Appdome-Built app, the app must be signed. Signing iOS apps and Signing Android apps on Appdome is easy. Alternatively, you can use Private Signing, download your unsigned app and sign locally using your own signing methods.
Deploy the Appdome-Built App to a Mobile Device
Once you have signed your Appdome-Built app, you can deploy it using your distribution method of choice. For more information on deploying your Appdome-Built apps, please read this knowledge base.
That is it – Enjoy Appdome’s ONEShield™ protection in your app!
How Do I Learn More?
If you have any questions, please send them our way at firstname.lastname@example.org or via the chat window on the Appdome platform.