Custom App Compromise Notification & Troubleshooting When an App Exits
When Appdome’s technology detects security issues or determines that the app may be compromised, the default behavior is to exit the app and display an App Compromise Notification to the mobile user.
This Knowledge Base article provides instructions on how to customize the App Compromise Notifications. It also includes the most common reasons why Fused apps would exit, as a means of troubleshooting when it happens.
We hope you find it useful and enjoy using Appdome!
Security Features on Appdome
Appdome is a no-code mobile integration platform as a service (iPaaS), supporting a wide variety of implementations for Android and iOS apps easily. Using a simple ‘click to add’ user interface, Appdome allows anyone to add mobile app security to any iOS or Android app in seconds, no code or coding required.
Using Appdome, there are no development or coding prerequisites. For example, there are no Appdome SDKs, libraries, plug-ins, software or hardware to implement. Likewise, there are no required infrastructure changes. Users simply upload an Android or iOS app, select their choice of features from Appdome’s Security category, and click “Build My App”. The Appdome technology adds the chosen mobile security features to the app (plus any required standards or framework extensions) automatically, with no manual development work at all.
Troubleshooting Common Reasons why an App built with Appdome Exits
Fusing Appdome’s Mobile Security Suite to your app shouldn’t cause it to crash. Depending on the security features you built to your app, your app may exit based on the rules defined in the app Fusion process. If that’s the case, then this app exit behavior is expected.
You can add security features and capabilities to your iOS and Android apps using Appdome. Using a simple point-and-click user interface, Appdome enables anyone to easily integrate their choice of features from the Appdome Mobile Security Suite to any mobile app – instantly, no code or coding required.
Prerequisites for Using Appdome for Security
In order to use Appdome’s no code implementation of security on Appdome, you’ll need:
How to Customize the App Compromise Notification for Users
Follow these step-by-step instructions to customize the App Compromise Notification for mobile end users.
You can customize the App Compromise Notification displayed to mobile users when security events trigger the app to exit. Below is a list of the specific features for which you can customize the message to the user:
- Root or Jailbreak Prevention
- Detect Unknown Sources
- Detect Developer Options
- URL Whitelisting
- Trusted Session Inspection
- MiTM Prevention
- Malicious Proxy Detection
- Prohibit Stale Sessions
- Copy/Paste Prevention
Customize the text in the App Compromise Notification free-form text box.
Click Build My App to build your app with this security.
Congratulations! You now have a mobile app fully integrated with security.
Troubleshooting Tips – Common Reasons for Built Apps to Exit
Here is a list of the most common causes for a Fused app to exit when the Appdome’s Mobile Security Suite has been added in your app:
If you Fused URL Whitelisting and the app tried to access a URL which was not on the allowed URL list (ie: the whitelist), this will result in the app to exit, for the protection of the user. If you want to allow that particular URL, simply add the additional URL to the allowed list and Fuse your app again.
OS Integrity Checks
If you Fused OS integrity checks, and the user opens or runs the app on a Jailbroken or Rooted device, this will cause the app to exit. This is the expected behavior. Appdome has specific checks for jailbreak and root detection and does not allow the app to open on a jailbroken or rooted device when this feature is enabled.
Man-in-the-Middle (MiTM) attack detection
If you Fused MITM detection, that feature ensures the security and integrity of the communication channel which connects the app to a service. If Appdome’s technology cannot verify the signer of the CA with certificate validation, this will cause the app to exit, for the protection of the end-user. Another possible cause for this issue is that the server certificate is signed with CA that is not on the standard CA list installed on the iOS or Android device. In this case, please contact Appdome support so we can add it to our trusted CA list.
Fusing the app may have triggered anti-tampering or other security mechanisms already inside the app. To correct for this condition, you need to temporarily disable the app’s anti-tampering mechanism. Then Fuse the app. After Fusion completes, re-apply your anti-tampering mechanism to the Fused app. Also, note that Appdome provides its own anti-tampering, which may render your existing anti-tampering mechanism redundant, in which case you may want to disable it.
Modifications to app package after Fusion
To ensure the integrity of the app, Appdome doesn’t allow modifications to the package after you Fuse and sign the app. Doing this will trigger Appdome’s integrity checks. (e.g. if you change the bundle id, add files etc.). If you need to make changes to the app package, make the changes on the .ipa, .apk or .aab before uploading it to Appdome and Fusing the app.
How Do I Learn More?
For more information on Appdome Mobile Security Suite please visit this resource.
To zoom out on this topic, visit Appdome for Mobile App Security on our website.
Or request a demo at any time.
If you have any questions, please send them our way at firstname.lastname@example.org or via the chat window on the Appdome platform.