How to implement Appdome DEV-Events on your Mobile App

Introduction

Appdome users can configure Security Alerts with Appdome Fused apps!  After you configured the app, it can receive all security alerts when they occur with iOS and Android apps.
When Appdome detects a security event in your Built app it will use your security measures as defined below. Appdome Security Alerts is part of the Appdome Mobile Security Suite. DEV-Events™ falls under Appdome’s Secure Communication category.

This Knowledge Base article reviews in detail how users can configure security alerts for the apps they Build on Appdome.

Appdome’s DEV-Events data protection

On Android mobile devices, security events are usually implemented using Broadcasts and BroacastRecievers, which are broadcasted freely to all the applications on the device by default. This mechanism is the simplest Android communication system to implement.

Appdome secures the data that is transferred via Appdome’s DEV-Events on Android, by adding custom permission to the application manifest with protection level “signature”. This custom permission is unique to each system/app. In addition, Appdome modifies all calls to sendBroadcast and registerReciever on the binary level to be sent with that permission.

When a user implements Appdome’s DEV-Events, Appdome secures his app in one of the following methods:

  1. (Recommended) If the user follows the examples and instructions according to our Knowledgebase articles (see “How to implement Appdome DEV-Events on your Mobile App” section below) and implement the regular broadcasts, Appdome will add the unique custom permission.
  2. If the user implements his internal permissions and calls versions of sendBroadcast and registerReciever calls with permission, Appdome service will detect it and will not modify the permission.
  3. If the user chooses to implement Google’s LocalBroacastManager, Appdome service will detect it and will not modify the permission.

How to implement Appdome DEV-Events on your Mobile App

Follow the instructions on the knowledge-based article below that match your application framework:

Prerequisites

Appdome Security DEV-Events Structure

Each Appdome DEV-Event is a set of key/value dictionary. Both key and value are strings: Java Strings, for Android App and NSString for iOS Apps.

An event for Appdome’s Keylogging Prevention

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – the message that would be shown to the user in enforcement mode
  • keyboard – package ID of the keyboard that was opened
  • blocked – True/False – was the keyboard blocked
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and details
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Copy/Paste Prevention

  • timestamp – the UNIX epoch timestamp of the event
  • action – copy/paste/cut/selectAll – the action that took place
  • blocked – True/False – was the clipboard action blocked
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and details
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Jailbreak Prevention/Root Prevention

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – the message that would be shown to the user in enforcement mode
  • internalError – this is a bitmask that represents the detailed reason why Appdome detected the device as rooted/jailbroken.
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and details
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Detect Unknown Sources

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – the message that would be shown to the user in enforcement mode
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and details
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Detect Hardware Emulators

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – the message that would be shown to the user in enforcement mode
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and details
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Require Security Services

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – the message that would be shown to the user in enforcement mode
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and details
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Smart Certificate Pinning

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – the message that would be shown to the user in enforcement mode
  • DeveventDetailedErrorMessage – a detailed error message
  • Host – the host on which the error occurred.
  • certificateSHA1 – the certificate sha1 fingerprint, if relevant to the error (may not be passed).
  • certificateCN – the certificate CN (common name), if relevant to the error (may not be passed).
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and details
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Enforce Cipher Suites

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – the message that would be shown to the user in enforcement mode
  • DeveventDetailedErrorMessage – a detailed error message.
  • Host – the host on which the error occurred.
  • IncompatibleCipherId – the incompatible cipher id.
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and details
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Enforce TLS Version

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – the message that would be shown to the user in enforcement mode
  • DeveventDetailedErrorMessage – a detailed error message.
  • Host – the host on which the error occurred.
  • IncompatibleSslVersion – the incompatible SSL/TLS version.
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and details
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Enforce Certificate Roles

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – the message that would be shown to the user in enforcement mode.
  • DeveventDetailedErrorMessage – a detailed error message.
  • Host – the host on which the error occurred.
  • certificateSHA1 – the certificate sha1 fingerprint of the certificate causing the error.
  • certificateCN – the certificate CN (common name)
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and details
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Prevent App Screen Sharing

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – the message that would be shown to the user in enforcement mode
  • context – the capturing event type (Taking a screenshot, Capturing the screen, Mirroring the screen)
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and details
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Trusted Session – URL Whitelisting

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – The message the user entered on Appdome platform, under the selected Appdome security event option (unless modified by the user, Appdome will use the default message).
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • Host – the host on which the error occurred.
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and details
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Detect Developer Options

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – the message that would be shown to the user in enforcement mode
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and details
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Enforce Strong RSA Signature

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – the message that would be shown to the user in enforcement mode.
  • DeveventDetailedErrorMessage – a detailed error message.
  • Host – the host on which the error occurred.
  • certificateSHA1 – the certificate sha1 fingerprint of the certificate causing the error.
  • certificateCN – the certificate CN (common name)
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and details
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Enforce Strong ECC Signature

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – the message that would be shown to the user in enforcement mode.
  • DeveventDetailedErrorMessage – a detailed error message.
  • Host – the host on which the error occurred.
  • certificateSHA1 – the certificate sha1 fingerprint of the certificate causing the error.
  • certificateCN – the certificate CN (common name)
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and details
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Enforce SHA256 Digest

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – the message that would be shown to the user in enforcement mode.
  • DeveventDetailedErrorMessage – a detailed error message.
  • Host – the host on which the error occurred.
  • certificateSHA1 – the certificate sha1 fingerprint of the certificate causing the error.
  • certificateCN – the certificate CN (common name)
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and detials
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Detect Banned Devices

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – the message that would be shown to the user in enforcement mode.
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and detials
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

An event for Appdome’s Smart Certificate Pinning

  • timestamp – the UNIX epoch timestamp of the event
  • defaultMessage – the message that would be shown to the user in enforcement mode
  • DeveventDetailedErrorMessage – a detailed error message
  • Host – the host on which the error occurred.
  • certificateSHA1 – the certificate sha1 fingerprint, if relevant to the error (may not be passed).
  • certificateCN – the certificate CN (common name), if relevant to the error (may not be passed).
  • deviceID – unique mobile device identifier
  • deviceModel –  mobile device model
  • osVersion – The mobile device OS version
  • kernelInfo – Kernel information and details
  • deviceManufacturer – mobile device manufacturer
  • fusedAppToken – Built App Token
  • carrierPlmn – carrier identity number (PLMN code)
  • deviceBrand – mobile device brand (for Android devices)
  • deviceBoard – the board the mobile device is based upon (for Android devices)
  • buildHost – build server of the ROM (for Android devices)
  • buildUser – the user who ran the build of the ROM (for Android devices)
  • sdkVersion – For Android devices, the Android SDK version.

How to Add DEV-Events™ to Any Mobile App(s) on Appdome

Follow these step-by-step instructions to add DEV-Events™ to Any Mobile App:

Upload a Mobile App to Your Account

Please follow these steps to add mobile apps to your Appdome account.
If you don’t have an Appdome account, click here to create an account.

From the Build tab, select Security

Expand the OS Integrity category (optional)

  1. Click on the toggle to enable Jailbreak Prevention / Root Prevention
  2. Click on the toggle to enable Detect Unknown Sources
  3. Click on the toggle to enable Detect Developer Options
  4. Click on the toggle to enable Detect Hardware Emulators
  5. Click on the toggle to enable DEV-Events™

Dev Events OS integrity toggle

Expand the Secured Communication category (optional)

  1. Click on the toggle to enable Trusted Session 
  2. Click on the toggle to enable Enforce Cipher Suites 
  3. Click on the toggle to enable Enforce TLS Version
  4. Click on the toggle to enable Enforce Certificate Roles 
  5. Click on the toggle to enable URL Whitelisting
  6. Click on the toggle to enable DEV-Events™

Expand the Mobile Privacy category (optional)

  1. Click on the toggle to enable Copy/Paste Prevention 
  2. Click on the toggle to enable Prevent App Screen Sharing (iOS)
  3. Click on the toggle to enable Keylogging Prevention
  4. Click on the toggle to enable DEV-Events™

Click Build My App

The technology behind Build My App has two major elements – (1) a microservice architecture filled with 1000s of code sets needed for mobile integrations, and (2) an adaptive code generation engine that can recognize the development environment, frameworks and methods in each app and match the app to the relevant code-sets needed to add DEV-Events to the mobile app in seconds.

Congratulations! You now have a mobile app Built with DEV-Events™.

After Adding DEV-Events™ to a Mobile App on Appdome

After you have added DEV-Events™ to any Mobile App on Appdome, there are a few additional steps needed to complete your mobile integration project.

Add Context™ to the Appdome Built App

Within Context™, Appdome users can brand the app, including adding a favicon to denote the new service added to the app.
For more information on the range of options available in Context™, please read this knowledge base article.

Sign the DEV-Events™ Enabled Appdome Built App (Required)

In order to deploy an Appdome Built app, it must be signed. Signing an iOS app and Signing an Android is easy using Appdome. Alternatively, you can use Private Signing, download your unsigned app and sign locally using your own signing methods.

Deploy the Appdome App to a Mobile Device

Once you have signed your Appdome Built app, you can download to deploy it using your distribution method of choice. For more information on deploying your Appdome Built apps, please read this knowledge base.

That is it – Enjoy Appdome with DEV-Events™ in your app!

To zoom out on this topic, visit the Mobile App Security page on our website.

Thank you!

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.

Paul Levasseur

Have a question?

Ask an expert