When Appdome’s technology detects security issues or determines that the app may be compromised, Appdome either drops the connection or exits (closes) the app, depending on the threat detected. If configured by the customer, Appdome will also display an App Compromise Notification to the mobile user.
This Knowledge Base article provides instructions on how to customize the App Compromise Notifications. It also includes the most common reasons why an Appdome-built app might exit (ie: shut itself down).
We hope you find it useful and enjoy using Appdome!
Appdome is a no-code mobile security and mobile integration platform that allows users to add security features, like RASP, code obfuscation, data encryption and more, as well as mobile threat, mobile fraud, anti-bot and other SDKs and APIs to Android and iOS apps. This KB describes how to use Appdome’s simple ‘click to build’ user interface to quickly and easily build mobile app security into any mobile app – instantly, no code or coding required.
Using Appdome, there are no development or coding prerequisites. For example, there are no Appdome SDKs, libraries, plug-ins, software or hardware to implement. Likewise, there are no required infrastructure changes. Users simply upload an Android or iOS app, select their choice of features from Appdome’s Security category, and click “Build My App”. The Appdome technology adds the chosen mobile security features to the app (plus any required standards or framework extensions) automatically, with no manual development work at all.
You can add security features and capabilities to your iOS and Android apps using Appdome. Using a simple point-and-click user interface, Appdome enables anyone to easily integrate their choice of features from the Appdome Mobile Security Suite to any mobile app – instantly, no code or coding required.
In order to use Appdome’s no code implementation of security on Appdome, you’ll need:
Follow these step-by-step instructions to customize the App Compromise Notification for mobile end users.
You can customize the App Compromise Notification displayed to mobile users when security events trigger the app to exit. Below is a list of the specific features in the different categories of the Appdome Mobile Security Suite for which you can customize the message to the user:
Customize the text in the App Compromise Notification free-form text box.
Click Build My App to build your app with this security.
Congratulations! You now have a mobile app fully integrated with security.
Fusing Appdome’s Mobile Security Suite to your app shouldn’t cause it to crash. Depending on the security features you built to your app, your app may exit based on the rules defined in the app Fusion process. If that’s the case, then this app exit behavior is expected.
Here is a list of the most common causes for an Appdome-built app to exit when the Appdome’s Mobile Security Suite has been added in your app:
If you Fused URL Whitelisting and the app tried to access a URL which was not on the allowed URL list (ie: the whitelist), this will result in the app ‘exiting’ (shutting down) to protect the mobile user. If you wish to allow that particular URL, simply add the additional URL to the allowed list and Build your app again.
If you Fused OS integrity checks and the user opens or runs the app on a Jailbroken or Rooted device, this will cause the app to exit. This is the expected behavior. Appdome has specific checks for jailbreak and root detection and does not allow the app to open on a jailbroken or rooted device when this feature is enabled.
If you Fused MITM detection, that feature ensures the security and integrity of the communication channel which connects the app to a service. If Appdome’s technology cannot verify the signer of the CA with certificate validation, this will cause the app to exit, for the protection of the end-user. Another possible cause for this issue is that the server certificate is signed with CA that is not on the standard CA list installed on the iOS or Android device. In this case, please contact Appdome support so we can add it to our trusted CA list.
Fusing the app may have triggered anti-tampering or other security mechanisms already inside the app. To correct for this condition, you need to temporarily disable the app’s anti-tampering mechanism. Then Fuse the app. After Fusion completes, re-apply your anti-tampering mechanism to the Fused app. Also, note that Appdome provides its own anti-tampering, which may render your existing anti-tampering mechanism redundant, in which case you may want to disable it.
To ensure the integrity of the app, Appdome doesn’t allow modifications to the package after you Fuse and sign the app. Doing this will trigger Appdome’s integrity checks. (e.g. if you change the bundle id, add files etc.). If you need to make changes to the app package, make the changes on the .ipa, .apk or .aab before uploading it to Appdome and Fusing the app.
For more information on Appdome Mobile Security Suite please visit this resource.
To zoom out on this topic, visit Appdome for Mobile App Security on our website.
Or request a demo at any time.
If you have any questions, please send them our way at firstname.lastname@example.org or via the chat window on the Appdome platform.