How to implement Appdome's ONEShield Threat Events
Introduction to Appdome ONEShield Threat Events
Appdome’s Threat-Events framework enables app developers to consume, process, and respond to security events detected by Appdome.
This knowledge base article reviews in detail how users can configure Appdome’s ONEShield Threat Events for apps secured using Appdome.
Security events include information such as the type of event detected, the security posture of the app and the environment, as well as information specific to the event type.
When a Threat event is detected by Appdome, the event can be handled by your app or handled by Appdome’s security engine:
- In-App Detection – When a security event is detected by Appdome, Appdome will pass the event between the Appdome layer to the app. The event will be handled by your app.
- In-App Defense – When a security event is detected by Appdome, Appdome will pass the event between the Appdome layer to the app. The event will be handled by Appdome’s security engine: a compromise notification will be shown to the user and Appdome will close the app.
By design, when the mobile application registers to receive Appdome Threat-Events, Appdome will send an initial event. If a threat event was detected by Appdome during the app launch/run, the initial event will hold the triggered security event details. In case that no threat event was triggered, the initial event will only indicate a successful registration to Appdome’s Threat-Events (the events fields will hold no data).
Appdome’s Security Threat events
Appdome customers can configure additional Security Threat Alerts for any mobile app. Review this Knowledge Base article for more details on how users can configure Security Threat Alerts for the mobile apps secured using Appdome.
Configuring Threat-Events for Android Apps
In Android apps, Threat Events are usually implemented using Broadcasts and BroacastRecievers. This broadcast mechanism is the simplest most convenient way to consume events in an Android app and is available throughout all major programming languages and development frameworks.
Appdome automatically secures the data between the app and the appdome events layer by adding custom permission to the application manifest with a protection level type signature. This custom permission is unique to each app built on appdome. In addition, Appdome enforces ONEShield Threat-Events calls to sendBroadcast and registerReceiver to include these permissions. Developers do not need to implement a security handshake in the app.
Threat-Events can be implemented according using any of the following methods:
- (Recommended) If the developer follows the examples and instructions according to our Knowledgebase articles (see links below) and implements the regular broadcasts, Appdome will add the unique custom permission automatically.
- If the developer implements internal permissions and calls versions of sendBroadcast and registerReciever calls with permission, Appdome service will detect it and will not modify the permission.
- If the developer chooses to implement Google’s LocalBroacastManager, Appdome service will detect it and will not modify the permission.
How to add Appdome’s ONEShield Threat-Events to your Mobile App
Follow the instructions on the knowledge-based article below that match your application framework:
- Configuring Appdome Security Alerts for Xamarin Apps
- Configuring Appdome Security Alerts for Mobile Apps
- Configuring Appdome Security Alerts for Cordova Apps
- Configuring Appdome Security Alerts for Swift Apps
- Configuring Appdome Security Alerts for React-Native Apps
- Configuring Appdome Security Alerts for Kotlin Apps
Appdome ONEShield Threat-Events Structure
Each Appdome ONEShield Threat-Event is a set of key/value dictionary. Both key and value are strings: Java Strings for Android App, and NSString for iOS Apps.
Example: An event for Appdome’s Anti-Tampering Prevention
- reason – The cause which triggered the threat event
- timestamp – The UNIX epoch timestamp of the event
- defaultMessage – The message that would be shown to the user in enforcement mode
- deviceID – Unique mobile device identifier
- deviceModel – Mobile device model
- osVersion – The mobile device OS version
- kernelInfo – Kernel information and details
- deviceManufacturer – mobile device manufacturer
- fusedAppToken – Built App Token
- carrierPlmn – Carrier identity number (PLMN code)
- deviceBrand – Mobile device brand (for Android devices)
- deviceBoard – The board the mobile device is based upon (for Android devices)
- buildHost – Build server of the ROM (for Android devices)
- buildUser – The user who ran the build of the ROM (for Android devices)
- sdkVersion – For Android devices, the Android SDK version.
3 Easy Steps to enable ONEShield Threat-Events in any iOS or Android app
Please follow these 3 easy steps to add Threat-Events to an Android or iOS apps
- Upload an Android or iOS App to Appdome’s no code security platform (.apk, .aab, or .ipa)
- In the Build Tab, under Security, expand Expand the ONEShield category
- Under the Anti-Tampering category, checked the Threat Events checkbox, and choose the notification mode (In-App Detection or In-App Defense)
Click Build My App
Congratulations! The mobile app is now secured with Threat-Events.
Prerequisites
- Appdome account (If you don’t have an account, you can sign up for free.)
- ONEShield Threat Events license
- Mobile App (.ipa for iOS, or .apk or .aab for Android)
How to Sign & Publish Secured Mobile Apps Built on Appdome
After successfully securing your app using Appdome, there are several available options to complete your project, depending on your app lifecycle or workflow. These include:
- Signing Secure iOS and Android apps
- Customizing, Configuring & Branding Secure Mobile Apps
- Deploying/Publishing Secure mobile apps to Public or Private app stores
Or, see this quick reference Releasing Secured Android & iOS Apps built on Appdome.
How to Learn More
Check out the full menu of features in the Appdome ONEShield.
Check out the full menu of features in the Appdome Mobile Security Suite
If you have any questions, please send them our way at support@appdome.com or via the chat window on the Appdome platform.
Or request a demo at any time.
Thank you!
Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.