Validating the integrity of mobile apps prior to integrating features, SDKs, and APIs is a great step to take while building an app.
This Knowledge Base article provides step-by-step instructions on how to validate your Android and iOS mobile app integrity using the Appdome platform.
We hope you find it useful and enjoy using Appdome!
About Appdome Integrity Service Capabilities
Appdome’s Integrity Service automatically validates your uploaded mobile app every time you upload an app to the platform. When a mobile app has been uploaded to the Appdome platform, Appdome inspects the app and examines the app structure to validate its integrity and ensure that it’s a valid .apk or .ipa which has been correctly built.
Once activated, Appdome Integrity Service verifies the uploaded app has:
- Valid binary structures
- Valid binary file formats (info.plist and Android.manifest)
- Valid SDK versions
- Apple FairPlay breaches
- Legal bundle identifier patterns
- Deprecated file formats
While fusing an app, Appdome automatically protects your app against debugging, tampering, reverse engineering and a variety of other app-shielding features, all included in Appdome ONEShield™.
iOS Apps Requirements
When using the Bitcode feature on your Xcode project, Apple recompiles all of the code after it is been uploaded to the app store. Apps Built on Appdome with Security and Anti-Tampering will have clashes with this code change.
Before you upload an app to Appdome, please disable the Bitcode option in your Xcode project, re-export the IPA file and then upload it to the platform. When you deploy this through the App Store it will work well with Apple deployment.
Android Apps Requirements
Appdome requires a full .apk file to protect the entire app. By allowing “Android Bundle”, or by implementing the app with isSplitRequired attribute, parts of the app builds and feature modules can’t be obfuscated, encrypted or protected by Appdome.
In addition, for Android apps, the uploaded app shouldn’t be exported in testOnly mode. To sign the full .apk file, when developing the app in Android Studio, Go to Build and Generate Signed APK:
Prerequisites For Validating a Mobile App on the Appdome Platform
In order to activate Appdome Integrity service on your app, you’ll need:
- Appdome account
- Mobile App (.ipa for iOS, or .apk for Android)
- Signing Credentials (e.g., signing certificates and provisioning profile)
How to Check Your Mobile App Integrity on Appdome
- Login to your active Appdome account. If you don’t have an account, click here to create an account.
- Upload your app to the Appdome platform
Appdome Integrity Service automatically validates your uploaded mobile app. The integrity service will thwart the app upload process if the app’s validity is malformed.
- When the app’s validity is not malformed you will see these results:
That is it – Now you can proceed to the “Build” part of the Appdome Mobile Integration Workflow and start adding features, SDKs, and APIs to build and secure your new app!
How Do I Learn More?
Appdome Integrity Service prevents serious types of vulnerabilities such as those described here.
In addition, the service ensures that uploaded apps will run smoothly after you Fuse them with Appdome’s features and capabilities.
If you have any questions, please send them our way at firstname.lastname@example.org or via the chat window on the Appdome platform.