MOBILEBot™ Defense

Last updated September 19, 2023 by Appdome

How Traditional Anti-Bots Work 

Traditional anti-bot offerings have struggled to keep pace with the evolving diversity and sophistication of mobile applications, often trying to force-fit bot defense methods designed for web applications onto mobile frameworks. This mismatch frequently requires mobile app developers to change the mobile application network stack, remove valuable TLS protections from network connections, or limit bot defense to a single host. The result, for the increasingly mobile app-driven economy, is that larger parts of the mobile infrastructure are left vulnerable to mobile bot attacks, fraud, ATOs, API abuse, credential stuffing and more.

What is Appdome’s MOBILEBot™

The new MOBILEBot™ Defense solution offers mobile brands unparalleled bot detection, comprehensive intelligence, and rapid defense against malicious bots, credential stuffing and ATOs in mobile app business lines.

Appdome’s MOBILEBot™ combines several defense methods to address these weaknesses and provide a robust solution for securing mobile apps against malicious bots. Appdome’s MOBILEBot™ offers full support for all mobile languages and frameworks, including Obj-C, C+, Java, JS, C#, C++, Swift, Kotlin, Flutter, React Native, Unity, Xamarin, Cordova and more. Integration with your mobile apps is facilitated through a No-Code, No-SDK, and Fully Automated Delivery, built to integrate seamlessly with mobile DevOps pipelines.

Overview of Appdome’s MOBILEBot™ Defense Features

MOBILEBot™ Defense

Protected Host
The protected host in the Mobile AntiBot solution is configured to exclusively allow secure communication through a single specified domain, independent of mTLS authentication or secure certificate pinning.

mTLS Pre-Authentication
Appdome’s mTLS Pre-Authentication can be used as a fourth verification layer: a P12 client certificate is presented in the TLS handshake before the Anti-Bot payload is sent to the WAF. mTLS Pre-Authentication is a quick and easy way to identify good mobile app requests from bad.

Mobile Anti Bot
Appdome’s Mobile Anti-Bot employs a multi-layered approach with application fingerprinting to guarantee not only a tamper-proof payload but also to enhance the WAF’s ability to thwart session replay attacks. This structure offers the WAF insight into the security status of the device running the protected app. Moreover, the WAF can obtain data on threats identified by the protected app and can accurately differentiate between attacks coming from various devices.

To guarantee that the anti-bot signal cannot be spoofed by an attacker, Appdome protects all data-in-transit with pre-packaged and optional features like Secure Certificate Pinning to the WAF, TLS Session hardening, active MiTM Defense, as well as optional WAF encryption for the Anti-Bot Payload (over and above the RSA Key).

Note: Secure Certificate Pinning and the Anti-Bot Secure Certificate Pinning are mutually exclusive. Implementing them together will result in a conflict within the engine. Use only one method at a time to avoid potential issues.

Anti-Bot Connection Hardening

To eliminate hijacking and replay attacks, the Appdome MOBILEBot™ Defense solution protects all data at rest with pre-packaged features such as data-at-rest encryption for all Anti-Bot configurations, secrets, keys, IDs, etc., as well as a protected memory space for all Anti-Bot functions.

MiTM Attack Prevention enables the performance of mTLS pre-authentication, monitors connections for MiTM attacks, and safeguards connections and anti-bot payload in transit between the anti-bot solution and any industry standard WAF.

Mobile Device & Connection Risk

Mobile Anti Bot Policy
Includes ThreatIDs for jailbreak, root, MagiskZygisk, Jailbreak Bypass tool, Frida ToolKit, Emulators and Simulator detection. Standard Risk Policy is ON by default when Anti-Bot is ON.

Advanced On-Device Bot Detection
On-Device Bot Detection is the ability to detect automated programs interacting with the mobile app, such as auto-tapping, auto-clickers, memory editing, keystroke injection, emulators, etc. Advanced Bot Detection Intelligence allows payloads to include the Mobile Threat-ID™, detailed threat description, Threat-Score™, attack geolocation, and metadata such as DeviceID and more than two dozen other variables.

Threat Intelligence Policy
Threat Intelligence Policies go beyond Device State and ThreatID to include Threat-Event metadata like OS, OS version, DeviceID, Threat-Scores and more. Choose the option(s) to be included in your Anti-Bot Payload.

 
