Validating the integrity of mobile apps prior to integrating features, SDKs, and APIs is a great step to take while building an app.
This Knowledge Base article provides step-by-step instructions on how to validate your Android and iOS mobile app integrity on the Appdome platform.
We hope you find it useful and enjoy using Appdome!
About Appdome Integrity Service Capabilities
Appdome’s Integrity Service automatically validates your uploaded mobile app every time you upload an app to the platform. When a mobile app has been added to the Appdome platform, the integrity of the app has been validated, Appdome service verifies the app was built correctly and that it’s a valid .apk or .ipa package.
Once activated, Appdome Integrity Service verifies the uploaded app has:
- Valid binary structures
- Valid binary file formats (info.plist and Android.manifest)
- Valid SDK versions
- Apple FairPlay breaches
- Legal bundle identifier patterns
- Deprecated file formats
While fusing an app, Appdome automatically protects your app against debugging, tampering, reversed engineering and a verity of other features, all included in Appdome ONEShield™.
iOS Apps Requirements
When using the Bitcode feature on your Xcode project, Apple recompiles all of the code after it is been uploaded to the app store. Apps Built on Appdome with Security and Anti-Tampering will have clashes with this code change.
Before you upload an app to Appdome, please disable the Bitcode option in your Xcode project, re-export the IPA file and then upload it to the platform. When you deploy this through the App Store it will work well with Apple deployment.
Android Apps Requirements
Appdome requires a full apk file to protect the entire app. By allowing “Android Bundle”, or by implementing the app with isSplitRequired attribute, parts of the app builds and feature modules can’t be obfuscated, encrypted nor protected by Appdome.
In addition, for Android apps, the uploaded app shouldn’t be exported in testOnly mode. To sign the full apk file, when developing the app in Android Studio, Go to Build and Generate Signed APK:
Prerequisites For Validating a Mobile App on the Appdome Platform
In order to activate Appdome Integrity service on your app, you’ll need:
- Appdome account
- Mobile App (.ipa for iOS, or .apk for Android)
- Signing Credentials (e.g., signing certificates and provisioning profile)
How to Check Your Mobile App Integrity on Appdome
- Login to your active Appdome account. If you don’t have an account, click here to create an account.
- Upload your app to the Appdome platform
Appdome Integrity Service automatically validates your uploaded mobile app. The integrity service will thwart the app upload process if the app’s validity is malformed.
- When the app’s validity is not malformed you will see these results:
That is it – Now you can integrate your uploaded app with Appdome’s integrity service!
From there, you can access the Appdome’s Mobile Integration Workflow and complete mobile integration projects.
How Do I Learn More?
Appdome Integrity Service prevents serious types of vulnerabilities such as those described here.
In addition, the service ensures that uploaded apps will run smoothly after you Fuse them with Appdome’s features and capabilities.
If you have any questions, please send them our way at email@example.com or via the chat window on the Appdome platform.