Mobile App Threat Intelligence in Kotlin Apps

Introduction

This Knowledge Base article reviews in detail how users can add mobile app threat intelligence in Kotlin apps.

Appdome Security Alerts, Threat-Events™,  is part of the Appdome Mobile Security Suite.

We hope you find it useful and enjoy using Appdome!

Prerequisites

Before enabling Threat-Eventsfollow these steps below for Kotlin apps to handle the incoming security events in your application.

Add the following lines to your app which follow and receive Appdome Security Events: 

(You can copy the code from the file Kotlin Android)


private val TAG = "Appdome ThreatEvent"
private val BLOCKED_KEYBOARD = "BlockedKeyboardEvent"
private val BLOCKED_CLIPBOARD = "BlockedClipboardEvent"
private val SSL_VALIDATION_FAILED = "SslCertificateValidationFailed"
private val SSL_NON_SSL_CONNECTION = "SslNonSslConnection"
private val SSL_CERT_PINNING_FAILED = "SslServerCertificatePinningFailed"
private val ACCCES_OUTSIDE_WHITELIST = "UrlWhitelistFailed"
private val SSL_INCOMPATIBLE_CIPHER = "SslIncompatibleCipher"
private val SSL_INCOMPATIBLE_TLS = "SslIncompatibleVersion"
private val SSL_INVALID_CA_CHAIN = "SslInvalidCertificateChain"
private val SSL_INVALID_RSA_SIGNATURE = "SslInvalidMinRSASignature"
private val SSL_INVALID_ECC_SIGNATURE = "SslInvalidMinECCSignature"
private val SSL_INVALID_DIGEST = "SslInvalidMinDigest"
private var ROOTED_DEVICE = "RootedDevice"
private var TAMPERED_APP = "AppIntegrityError"/*Only When ONEShield Threat Events are enabled*/
var receiver = object: BroadcastReceiver() {
override fun onReceive(context: Context, intent: Intent) {
onEvent(intent)
}
}

fun init() {

this.registerReceiver(receiver, IntentFilter(BLOCKED_CLIPBOARD))
this.registerReceiver(receiver, IntentFilter(BLOCKED_KEYBOARD))
this.registerReceiver(receiver, IntentFilter(ROOTED_DEVICE))
this.registerReceiver(receiver, IntentFilter(SSL_VALIDATION_FAILED))
this.registerReceiver(receiver, IntentFilter(SSL_NON_SSL_CONNECTION))
this.registerReceiver(receiver, IntentFilter(SSL_INCOMPATIBLE_CIPHER))
this.registerReceiver(receiver, IntentFilter(SSL_CERT_PINNING_FAILED))
this.registerReceiver(receiver, IntentFilter(SSL_INCOMPATIBLE_TLS))
this.registerReceiver(receiver, IntentFilter(SSL_INVALID_CA_CHAIN))
this.registerReceiver(receiver, IntentFilter(ACCCES_OUTSIDE_WHITELIST))
this.registerReceiver(receiver, IntentFilter(SSL_INVALID_RSA_SIGNATURE))
this.registerReceiver(receiver, IntentFilter(SSL_INVALID_ECC_SIGNATURE))
this.registerReceiver(receiver, IntentFilter(SSL_INVALID_DIGEST))
this.registerReceiver(receiver, IntentFilter(TAMPERED_APP))
}

fun onEvent(intent: Intent) {

var action = intent.action
var clipboardAction: String;
var blocked: Boolean;
var timeStamp: String;
var reason: String;
var internalError: String;
var keyboard: String;
var deviceID: String;
var deviceModel: String;
var osVersion: String;
var kernelInfo: String;
var deviceManufacturer: String;
var fusedAppToken: String;
var carrierPlmn: String;
var defaultMessage: String;
var deveventDetailedErrorMessage: String;
var host: String;
var certificateSHA1: String;
var certificateCN: String;
var incompatibleCipherId: String;
var incompatibleSslVersion: String;
var message = "";

when (action) {
BLOCKED_CLIPBOARD -> {

if (!intent.hasExtra("action") || !intent.hasExtra("blocked") || !intent.hasExtra("timestamp") || !intent.hasExtra(
"deviceID"
) || !intent.hasExtra("deviceModel") || !intent.hasExtra("osVersion") || !intent.hasExtra("kernelInfo") || !intent.hasExtra(
"deviceManufacturer"
) || !intent.hasExtra("fusedAppToken") || !intent.hasExtra("carrierPlmn")
) {
Log.e(TAG, "illegal event recieved.");
Toast.makeText(this, TAG + "illegal event received. ", Toast.LENGTH_LONG).show()

return;
} else {
clipboardAction = intent.getStringExtra("action");//copy, paste, cut, selectAll or unknown
blocked = intent.getStringExtra("blocked").contentEquals("True");
timeStamp = intent.getStringExtra("timestamp");
deviceID = intent.getStringExtra("deviceID");
deviceModel = intent.getStringExtra("deviceModel");
osVersion = intent.getStringExtra("osVersion");
kernelInfo = intent.getStringExtra("kernelInfo");
deviceManufacturer = intent.getStringExtra("deviceManufacturer");
fusedAppToken = intent.getStringExtra("fusedAppToken");
carrierPlmn = intent.getStringExtra("carrierPlmn");
}

message = "clipboardAction :" + clipboardAction +
"blocked :" + blocked +
"timeStamp :" + timeStamp +
"deviceID :" + deviceID +
"deviceModel :" + deviceModel +
"osVersion :" + osVersion +
"kernelInfo :" + kernelInfo +
"deviceManufacturer :" + deviceManufacturer +
"fusedAppToken :" + fusedAppToken +
"carrierPlmn :" + carrierPlmn

}

BLOCKED_KEYBOARD -> {

if (!intent.hasExtra("timestamp") || !intent.hasExtra("defaultMessage") || !intent.hasExtra("keyboard") || !intent.hasExtra(
"blocked"
) || !intent.hasExtra("deviceID") || !intent.hasExtra("deviceModel") || !intent.hasExtra("osVersion") || !intent.hasExtra(
"kernelInfo"
) || !intent.hasExtra("deviceManufacturer") || !intent.hasExtra("fusedAppToken") || !intent.hasExtra(
"carrierPlmn"
)
) {
Log.e(TAG, "illegal event recieved.");
Toast.makeText(this, TAG + "illegal event received. ", Toast.LENGTH_LONG).show()

return;
} else {
timeStamp = intent.getStringExtra("timestamp");
defaultMessage = intent.getStringExtra("defaultMessage");
keyboard = intent.getStringExtra("keyboard");
blocked = intent.getStringExtra("blocked").contentEquals("True");
deviceID = intent.getStringExtra("deviceID");
deviceModel = intent.getStringExtra("deviceModel");
osVersion = intent.getStringExtra("osVersion");
kernelInfo = intent.getStringExtra("kernelInfo");
deviceManufacturer = intent.getStringExtra("deviceManufacturer");
fusedAppToken = intent.getStringExtra("fusedAppToken");
carrierPlmn = intent.getStringExtra("carrierPlmn");
}

message = "defaultMessage :" + defaultMessage +
"keyboard :" + keyboard +
"blocked :" + blocked +
"timeStamp :" + timeStamp +
"deviceID :" + deviceID +
"deviceModel :" + deviceModel +
"osVersion :" + osVersion +
"kernelInfo :" + kernelInfo +
"deviceManufacturer :" + deviceManufacturer +
"fusedAppToken :" + fusedAppToken +
"carrierPlmn :" + carrierPlmn

}

ROOTED_DEVICE -> {

if (!intent.hasExtra("timestamp") || !intent.hasExtra("internalError") || !intent.hasExtra("defaultMessage") || !intent.hasExtra("deviceID") || !intent.hasExtra(
"deviceModel"
) || !intent.hasExtra("osVersion") || !intent.hasExtra("kernelInfo") || !intent.hasExtra("deviceManufacturer") || !intent.hasExtra(
"fusedAppToken"
) || !intent.hasExtra("carrierPlmn")
) {
Log.e(TAG, "illegal event recieved.");
Toast.makeText(this, TAG + "illegal event received. ", Toast.LENGTH_LONG).show()

return;
} else {
timeStamp = intent.getStringExtra("timestamp");
internalError = intent.getStringExtra("internalError");
defaultMessage = intent.getStringExtra("defaultMessage");
deviceID = intent.getStringExtra("deviceID");
deviceModel = intent.getStringExtra("deviceModel");
osVersion = intent.getStringExtra("osVersion");
kernelInfo = intent.getStringExtra("kernelInfo");
deviceManufacturer = intent.getStringExtra("deviceManufacturer");
fusedAppToken = intent.getStringExtra("fusedAppToken");
carrierPlmn = intent.getStringExtra("carrierPlmn");
}

message = "defaultMessage :" + defaultMessage +
"timeStamp :" + timeStamp +
"internalError:" + internalError +
"deviceID :" + deviceID +
"deviceModel :" + deviceModel +
"osVersion :" + osVersion +
"kernelInfo :" + kernelInfo +
"deviceManufacturer :" + deviceManufacturer +
"fusedAppToken :" + fusedAppToken +
"carrierPlmn :" + carrierPlmn

}

SSL_VALIDATION_FAILED -> {
if (!intent.hasExtra("defaultMessage") || !intent.hasExtra("DeveventDetailedErrorMessage") || !intent.hasExtra(
"host"
) || !intent.hasExtra("certificateSHA1") || !intent.hasExtra("certificateCN") || !intent.hasExtra("timestamp") || !intent.hasExtra(
"deviceID"
) || !intent.hasExtra("deviceModel") || !intent.hasExtra("osVersion") || !intent.hasExtra("kernelInfo") || !intent.hasExtra(
"deviceManufacturer"
) || !intent.hasExtra("fusedAppToken") || !intent.hasExtra("carrierPlmn")
) {
Log.e(TAG, "illegal event recieved.");
return;
} else {

defaultMessage = intent.getStringExtra("defaultMessage");// message specified during fusion
deveventDetailedErrorMessage =
intent.getStringExtra("DeveventDetailedErrorMessage");// a detailed error message
host = intent.getStringExtra("host");// the host on which the error occurred
certificateSHA1 = intent.getStringExtra("certificateSHA1");// the certificate sha1 fingerprint
certificateCN = intent.getStringExtra("certificateCN");// the certificate CN (common name)
timeStamp = intent.getStringExtra("timestamp");
deviceID = intent.getStringExtra("deviceID");
deviceModel = intent.getStringExtra("deviceModel");
osVersion = intent.getStringExtra("osVersion");
kernelInfo = intent.getStringExtra("kernelInfo");
deviceManufacturer = intent.getStringExtra("deviceManufacturer");
fusedAppToken = intent.getStringExtra("fusedAppToken");
carrierPlmn = intent.getStringExtra("carrierPlmn");
message = "defaultMessage : " + defaultMessage +
"deveventDetailedErrorMessage : " + deveventDetailedErrorMessage +
"host : " + host +
"certificateSHA1 : " + certificateSHA1 +
"certificateCN : " + certificateCN +
"timeStamp :" + timeStamp +
"deviceID :" + deviceID +
"deviceModel :" + deviceModel +
"osVersion :" + osVersion +
"kernelInfo :" + kernelInfo +
"deviceManufacturer :" + deviceManufacturer +
"fusedAppToken :" + fusedAppToken +
"carrierPlmn :" + carrierPlmn
}
}

SSL_NON_SSL_CONNECTION -> {
if (!intent.hasExtra("defaultMessage") || !intent.hasExtra("DeveventDetailedErrorMessage") || !intent.hasExtra(
"host"
) || !intent.hasExtra("timestamp") || !intent.hasExtra(
"deviceID"
) || !intent.hasExtra("deviceModel") || !intent.hasExtra("osVersion") || !intent.hasExtra("kernelInfo") || !intent.hasExtra(
"deviceManufacturer"
) || !intent.hasExtra("fusedAppToken") || !intent.hasExtra("carrierPlmn")
) {
Log.e(TAG, "illegal event recieved.");
return;
} else {

defaultMessage = intent.getStringExtra("defaultMessage");// message specified during fusion
deveventDetailedErrorMessage =
intent.getStringExtra("DeveventDetailedErrorMessage");// a detailed error message
host = intent.getStringExtra("host");// the host on which the error occurred
timeStamp = intent.getStringExtra("timestamp");
deviceID = intent.getStringExtra("deviceID");
deviceModel = intent.getStringExtra("deviceModel");
osVersion = intent.getStringExtra("osVersion");
kernelInfo = intent.getStringExtra("kernelInfo");
deviceManufacturer = intent.getStringExtra("deviceManufacturer");
fusedAppToken = intent.getStringExtra("fusedAppToken");
carrierPlmn = intent.getStringExtra("carrierPlmn");
message = "defaultMessage : " + defaultMessage +
"deveventDetailedErrorMessage : " + deveventDetailedErrorMessage +
"host : " + host +
"timeStamp :" + timeStamp +
"deviceID :" + deviceID +
"deviceModel :" + deviceModel +
"osVersion :" + osVersion +
"kernelInfo :" + kernelInfo +
"deviceManufacturer :" + deviceManufacturer +
"fusedAppToken :" + fusedAppToken +
"carrierPlmn :" + carrierPlmn
}
}
SSL_CERT_PINNING_FAILED -> {
if (!intent.hasExtra("defaultMessage") || !intent.hasExtra("DeveventDetailedErrorMessage") || !intent.hasExtra(
"host"
) || !intent.hasExtra("certificateSHA1") || !intent.hasExtra("certificateCN") || !intent.hasExtra("timestamp") || !intent.hasExtra(
"deviceID"
) || !intent.hasExtra("deviceModel") || !intent.hasExtra("osVersion") || !intent.hasExtra("kernelInfo") || !intent.hasExtra(
"deviceManufacturer"
) || !intent.hasExtra("fusedAppToken") || !intent.hasExtra("carrierPlmn")
) {
Log.e(TAG, "illegal event recieved.");
return;
} else {

defaultMessage = intent.getStringExtra("defaultMessage");// message specified during fusion
deveventDetailedErrorMessage =
intent.getStringExtra("DeveventDetailedErrorMessage");// a detailed error message
host = intent.getStringExtra("host");// the host on which the error occurred
certificateSHA1 = intent.getStringExtra("certificateSHA1");// the certificate sha1 fingerprint
certificateCN = intent.getStringExtra("certificateCN");// the certificate CN (common name)
timeStamp = intent.getStringExtra("timestamp");
deviceID = intent.getStringExtra("deviceID");
deviceModel = intent.getStringExtra("deviceModel");
osVersion = intent.getStringExtra("osVersion");
kernelInfo = intent.getStringExtra("kernelInfo");
deviceManufacturer = intent.getStringExtra("deviceManufacturer");
fusedAppToken = intent.getStringExtra("fusedAppToken");
carrierPlmn = intent.getStringExtra("carrierPlmn");
message = "defaultMessage : " + defaultMessage +
"deveventDetailedErrorMessage : " + deveventDetailedErrorMessage +
"host : " + host +
"certificateSHA1 : " + certificateSHA1 +
"certificateCN : " + certificateCN +
"timeStamp :" + timeStamp +
"deviceID :" + deviceID +
"deviceModel :" + deviceModel +
"osVersion :" + osVersion +
"kernelInfo :" + kernelInfo +
"deviceManufacturer :" + deviceManufacturer +
"fusedAppToken :" + fusedAppToken +
"carrierPlmn :" + carrierPlmn
}
}

SSL_INCOMPATIBLE_CIPHER -> {
if (!intent.hasExtra("defaultMessage") || !intent.hasExtra("DeveventDetailedErrorMessage") || !intent.hasExtra(
"host"
) || !intent.hasExtra("incompatibleCipherId") || !intent.hasExtra("timestamp") || !intent.hasExtra("deviceID") || !intent.hasExtra(
"deviceModel"
) || !intent.hasExtra("osVersion") || !intent.hasExtra("kernelInfo") || !intent.hasExtra("deviceManufacturer") || !intent.hasExtra(
"fusedAppToken"
) || !intent.hasExtra("carrierPlmn")
) {
Log.e(TAG, "illegal event recieved.");
return;
} else {

defaultMessage = intent.getStringExtra("defaultMessage");// message specified during fusion
deveventDetailedErrorMessage =
intent.getStringExtra("DeveventDetailedErrorMessage");// a detailed error message
host = intent.getStringExtra("host");// the host on which the error occurred
incompatibleCipherId = intent.getStringExtra("incompatibleCipherId");
timeStamp = intent.getStringExtra("timestamp");
deviceID = intent.getStringExtra("deviceID");
deviceModel = intent.getStringExtra("deviceModel");
osVersion = intent.getStringExtra("osVersion");
kernelInfo = intent.getStringExtra("kernelInfo");
deviceManufacturer = intent.getStringExtra("deviceManufacturer");
fusedAppToken = intent.getStringExtra("fusedAppToken");
carrierPlmn = intent.getStringExtra("carrierPlmn");

message = "defaultMessage : " + defaultMessage +
"deveventDetailedErrorMessage : " + deveventDetailedErrorMessage +
"host : " + host +
"incompatibleCipherId : " + incompatibleCipherId +
"timeStamp :" + timeStamp +
"deviceID :" + deviceID +
"deviceModel :" + deviceModel +
"osVersion :" + osVersion +
"kernelInfo :" + kernelInfo +
"deviceManufacturer :" + deviceManufacturer +
"fusedAppToken :" + fusedAppToken +
"carrierPlmn :" + carrierPlmn
}
}

SSL_INCOMPATIBLE_TLS -> {
if (!intent.hasExtra("defaultMessage") || !intent.hasExtra("DeveventDetailedErrorMessage") || !intent.hasExtra(
"host"
) || !intent.hasExtra("incompatibleSslVersion") || !intent.hasExtra("timestamp") || !intent.hasExtra(
"deviceID"
) || !intent.hasExtra("deviceModel") || !intent.hasExtra("osVersion") || !intent.hasExtra("kernelInfo") || !intent.hasExtra(
"deviceManufacturer"
) || !intent.hasExtra("fusedAppToken") || !intent.hasExtra("carrierPlmn")
) {
Log.e(TAG, "illegal event recieved.");
return;
} else {

defaultMessage = intent.getStringExtra("defaultMessage");// message specified during fusion
deveventDetailedErrorMessage =
intent.getStringExtra("DeveventDetailedErrorMessage");// a detailed error message
host = intent.getStringExtra("host");// the host on which the error occurred
timeStamp = intent.getStringExtra("timestamp");
deviceID = intent.getStringExtra("deviceID");
deviceModel = intent.getStringExtra("deviceModel");
osVersion = intent.getStringExtra("osVersion");
kernelInfo = intent.getStringExtra("kernelInfo");
deviceManufacturer = intent.getStringExtra("deviceManufacturer");
fusedAppToken = intent.getStringExtra("fusedAppToken");
carrierPlmn = intent.getStringExtra("carrierPlmn");
incompatibleSslVersion = intent.getStringExtra("incompatibleSslVersion");

message = "defaultMessage : " + defaultMessage +
"deveventDetailedErrorMessage : " + deveventDetailedErrorMessage +
"host : " + host +
"timeStamp :" + timeStamp +
"deviceID :" + deviceID +
"deviceModel :" + deviceModel +
"osVersion :" + osVersion +
"kernelInfo :" + kernelInfo +
"deviceManufacturer :" + deviceManufacturer +
"fusedAppToken :" + fusedAppToken +
"carrierPlmn :" + carrierPlmn +
"incompatibleSslVersion :" + incompatibleSslVersion
}
}

SSL_INVALID_CA_CHAIN -> {
if (!intent.hasExtra("defaultMessage") || !intent.hasExtra("DeveventDetailedErrorMessage") || !intent.hasExtra(
"host"
) || !intent.hasExtra("certificateSHA1") || !intent.hasExtra("certificateCN") || !intent.hasExtra(
"timestamp"
) || !intent.hasExtra("deviceID") || !intent.hasExtra("deviceModel") || !intent.hasExtra("osVersion") || !intent.hasExtra(
"kernelInfo"
) || !intent.hasExtra("deviceManufacturer") || !intent.hasExtra("fusedAppToken") || !intent.hasExtra(
"carrierPlmn"
)
) {
Log.e(TAG, "illegal event recieved.");
return;
} else {

defaultMessage = intent.getStringExtra("defaultMessage");// message specified during fusion
deveventDetailedErrorMessage =
intent.getStringExtra("DeveventDetailedErrorMessage");// a detailed error message
host = intent.getStringExtra("host");// the host on which the error occurred
certificateSHA1 = intent.getStringExtra("certificateSHA1");// the certificate sha1 fingerprint
certificateCN = intent.getStringExtra("certificateCN");// the certificate CN (common name)
timeStamp = intent.getStringExtra("timestamp");
deviceID = intent.getStringExtra("deviceID");
deviceModel = intent.getStringExtra("deviceModel");
osVersion = intent.getStringExtra("osVersion");
kernelInfo = intent.getStringExtra("kernelInfo");
deviceManufacturer = intent.getStringExtra("deviceManufacturer");
fusedAppToken = intent.getStringExtra("fusedAppToken");
carrierPlmn = intent.getStringExtra("carrierPlmn");

message = "defaultMessage : " + defaultMessage +
"deveventDetailedErrorMessage : " + deveventDetailedErrorMessage +
"host : " + host +
"certificateSHA1 : " + certificateSHA1 +
"certificateCN : " + certificateCN +
"timeStamp :" + timeStamp +
"deviceID :" + deviceID +
"deviceModel :" + deviceModel +
"osVersion :" + osVersion +
"kernelInfo :" + kernelInfo +
"deviceManufacturer :" + deviceManufacturer +
"fusedAppToken :" + fusedAppToken +
"carrierPlmn :" + carrierPlmn
}
}

ACCCES_OUTSIDE_WHITELIST -> {
if (!intent.hasExtra("defaultMessage") || !intent.hasExtra("timestamp") || !intent.hasExtra("deviceID") || !intent.hasExtra(
"deviceModel"
) || !intent.hasExtra("osVersion") || !intent.hasExtra("kernelInfo") || !intent.hasExtra("deviceManufacturer") || !intent.hasExtra(
"fusedAppToken"
) || !intent.hasExtra("carrierPlmn")
) {
Log.e(TAG, "illegal event recieved.");
return;
} else {

defaultMessage = intent.getStringExtra("defaultMessage");// message specified during fusion
timeStamp = intent.getStringExtra("timestamp");
deviceID = intent.getStringExtra("deviceID");
deviceModel = intent.getStringExtra("deviceModel");
osVersion = intent.getStringExtra("osVersion");
kernelInfo = intent.getStringExtra("kernelInfo");
deviceManufacturer = intent.getStringExtra("deviceManufacturer");
fusedAppToken = intent.getStringExtra("fusedAppToken");
carrierPlmn = intent.getStringExtra("carrierPlmn");

message = "defaultMessage : " + defaultMessage +
"timeStamp :" + timeStamp +
"deviceID :" + deviceID +
"deviceModel :" + deviceModel +
"osVersion :" + osVersion +
"kernelInfo :" + kernelInfo +
"deviceManufacturer :" + deviceManufacturer +
"fusedAppToken :" + fusedAppToken +
"carrierPlmn :" + carrierPlmn
}
}

SSL_INVALID_RSA_SIGNATURE -> {
if (!intent.hasExtra("defaultMessage") || !intent.hasExtra("DeveventDetailedErrorMessage") || !intent.hasExtra(
"host"
) || !intent.hasExtra("certificateSHA1") || !intent.hasExtra("certificateCN") || !intent.hasExtra(
"timestamp"
) || !intent.hasExtra("deviceID") || !intent.hasExtra("deviceModel") || !intent.hasExtra("osVersion") || !intent.hasExtra(
"kernelInfo"
) || !intent.hasExtra("deviceManufacturer") || !intent.hasExtra("fusedAppToken") || !intent.hasExtra(
"carrierPlmn"
)
) {
Log.e(TAG, "illegal event recieved.");
return;
} else {

defaultMessage = intent.getStringExtra("defaultMessage");// message specified during fusion
deveventDetailedErrorMessage =
intent.getStringExtra("DeveventDetailedErrorMessage");// a detailed error message
host = intent.getStringExtra("host");// the host on which the error occurred
certificateSHA1 = intent.getStringExtra("certificateSHA1");// the certificate sha1 fingerprint
certificateCN = intent.getStringExtra("certificateCN");// the certificate CN (common name)
timeStamp = intent.getStringExtra("timestamp");
deviceID = intent.getStringExtra("deviceID");
deviceModel = intent.getStringExtra("deviceModel");
osVersion = intent.getStringExtra("osVersion");
kernelInfo = intent.getStringExtra("kernelInfo");
deviceManufacturer = intent.getStringExtra("deviceManufacturer");
fusedAppToken = intent.getStringExtra("fusedAppToken");
carrierPlmn = intent.getStringExtra("carrierPlmn");

message = "defaultMessage : " + defaultMessage +
"deveventDetailedErrorMessage : " + deveventDetailedErrorMessage +
"host : " + host +
"certificateSHA1 : " + certificateSHA1 +
"certificateCN : " + certificateCN +
"timeStamp :" + timeStamp +
"deviceID :" + deviceID +
"deviceModel :" + deviceModel +
"osVersion :" + osVersion +
"kernelInfo :" + kernelInfo +
"deviceManufacturer :" + deviceManufacturer +
"fusedAppToken :" + fusedAppToken +
"carrierPlmn :" + carrierPlmn
}
}

SSL_INVALID_ECC_SIGNATURE -> {
if (!intent.hasExtra("defaultMessage") || !intent.hasExtra("DeveventDetailedErrorMessage") || !intent.hasExtra(
"host"
) || !intent.hasExtra("certificateSHA1") || !intent.hasExtra("certificateCN") || !intent.hasExtra(
"timestamp"
) || !intent.hasExtra("deviceID") || !intent.hasExtra("deviceModel") || !intent.hasExtra("osVersion") || !intent.hasExtra(
"kernelInfo"
) || !intent.hasExtra("deviceManufacturer") || !intent.hasExtra("fusedAppToken") || !intent.hasExtra(
"carrierPlmn"
)
) {
Log.e(TAG, "illegal event recieved.");
return;
} else {

defaultMessage = intent.getStringExtra("defaultMessage");// message specified during fusion
deveventDetailedErrorMessage =
intent.getStringExtra("DeveventDetailedErrorMessage");// a detailed error message
host = intent.getStringExtra("host");// the host on which the error occurred
certificateSHA1 = intent.getStringExtra("certificateSHA1");// the certificate sha1 fingerprint
certificateCN = intent.getStringExtra("certificateCN");// the certificate CN (common name)
timeStamp = intent.getStringExtra("timestamp");
deviceID = intent.getStringExtra("deviceID");
deviceModel = intent.getStringExtra("deviceModel");
osVersion = intent.getStringExtra("osVersion");
kernelInfo = intent.getStringExtra("kernelInfo");
deviceManufacturer = intent.getStringExtra("deviceManufacturer");
fusedAppToken = intent.getStringExtra("fusedAppToken");
carrierPlmn = intent.getStringExtra("carrierPlmn");

message = "defaultMessage : " + defaultMessage +
"deveventDetailedErrorMessage : " + deveventDetailedErrorMessage +
"host : " + host +
"certificateSHA1 : " + certificateSHA1 +
"certificateCN : " + certificateCN +
"timeStamp :" + timeStamp +
"deviceID :" + deviceID +
"deviceModel :" + deviceModel +
"osVersion :" + osVersion +
"kernelInfo :" + kernelInfo +
"deviceManufacturer :" + deviceManufacturer +
"fusedAppToken :" + fusedAppToken +
"carrierPlmn :" + carrierPlmn
}
}

SSL_INVALID_DIGEST -> {
if (!intent.hasExtra("defaultMessage") || !intent.hasExtra("DeveventDetailedErrorMessage") || !intent.hasExtra(
"host"
) || !intent.hasExtra("certificateSHA1") || !intent.hasExtra("certificateCN") || !intent.hasExtra("timestamp") || !intent.hasExtra(
"deviceID"
) || !intent.hasExtra("deviceModel") || !intent.hasExtra("osVersion") || !intent.hasExtra("kernelInfo") || !intent.hasExtra(
"deviceManufacturer"
) || !intent.hasExtra("fusedAppToken") || !intent.hasExtra("carrierPlmn")
) {
Log.e(TAG, "illegal event recieved.");
return;
} else {

defaultMessage = intent.getStringExtra("defaultMessage");// message specified during fusion
deveventDetailedErrorMessage =
intent.getStringExtra("DeveventDetailedErrorMessage");// a detailed error message
host = intent.getStringExtra("host");// the host on which the error occurred
certificateSHA1 = intent.getStringExtra("certificateSHA1");// the certificate sha1 fingerprint
certificateCN = intent.getStringExtra("certificateCN");// the certificate CN (common name)
timeStamp = intent.getStringExtra("timestamp");
deviceID = intent.getStringExtra("deviceID");
deviceModel = intent.getStringExtra("deviceModel");
osVersion = intent.getStringExtra("osVersion");
kernelInfo = intent.getStringExtra("kernelInfo");
deviceManufacturer = intent.getStringExtra("deviceManufacturer");
fusedAppToken = intent.getStringExtra("fusedAppToken");
carrierPlmn = intent.getStringExtra("carrierPlmn");

message = "defaultMessage : " + defaultMessage +
"deveventDetailedErrorMessage : " + deveventDetailedErrorMessage +
"host : " + host +
"certificateSHA1 : " + certificateSHA1 +
"certificateCN : " + certificateCN +
"timeStamp :" + timeStamp +
"deviceID :" + deviceID +
"deviceModel :" + deviceModel +
"osVersion :" + osVersion +
"kernelInfo :" + kernelInfo +
"deviceManufacturer :" + deviceManufacturer +
"fusedAppToken :" + fusedAppToken +
"carrierPlmn :" + carrierPlmn
}
}
}

Log.e(TAG, "Got Threat-Event $message");
}

/* Only When ONEShield Threat Events are enabled*/

TAMPERED_APP -> {
if (!intent.hasExtra("defaultMessage") || !intent.hasExtra("DeveventDetailedErrorMessage") || !intent.hasExtra("reason") || !intent.hasExtra("timestamp") || !intent.hasExtra("deviceID") || !intent.hasExtra("deviceModel") || !intent.hasExtra("osVersion") || !intent.hasExtra("kernelInfo") || !intent.hasExtra("deviceManufacturer") || !intent.hasExtra("fusedAppToken") || !intent.hasExtra("carrierPlmn")
) {
Log.e(TAG, "illegal event recieved.");
return;
} else {

defaultMessage = intent.getStringExtra("defaultMessage");// message specified during fusion
deveventDetailedErrorMessage =intent.getStringExtra("DeveventDetailedErrorMessage");// a detailed error message
reason = intent.getStringExtra("reason");// the cause which triggered the Anti-Tampering protection
timeStamp = intent.getStringExtra("timestamp");
deviceID = intent.getStringExtra("deviceID");
deviceModel = intent.getStringExtra("deviceModel");
osVersion = intent.getStringExtra("osVersion");
kernelInfo = intent.getStringExtra("kernelInfo");
deviceManufacturer = intent.getStringExtra("deviceManufacturer");
fusedAppToken = intent.getStringExtra("fusedAppToken");
carrierPlmn = intent.getStringExtra("carrierPlmn");

message = "defaultMessage : " + defaultMessage +
"reason : " + reason +
"timeStamp :" + timeStamp +
"deviceID :" + deviceID +
"deviceModel :" + deviceModel +
"osVersion :" + osVersion +
"kernelInfo :" + kernelInfo +
"deviceManufacturer :" + deviceManufacturer +
"fusedAppToken :" + fusedAppToken +
"carrierPlmn :" + carrierPlmn
}
}

Easy Steps to Mobile App Threat Intelligence in Kotlin Apps

Follow the step-by-step instructions in this knowledge base to add Threat-Events™ to your Kotlin mobile App.

That is it – Enjoy Appdome with Threat-Events™ in your app!

To zoom out on this topic, visit the Mobile App Security page on our website.

Thank you!

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.

Liron Dror

Have a question?

Ask an expert

NadavMaking your security project a success!