How Appdome's No-Code Mobile App Security Technology Works

This Knowledge Base article describes how the Appdome platform works in detail.

What is the Appdome Platform and How Does It Work?

Appdome is a no-code mobile app security platform designed to add mobile app security features to Android and iOS apps without coding.  Appdome’s no-code mobile app security offers mobile developers, DevSec and security professionals a convenient and reliable way to protect Android and iOS apps with a wide selection of mobile app security functionality.  

Appdome’s no-code mobile app security platform offers mobile developers, DevSec and security professionals a convenient and reliable way to protect Android and iOS apps with a wide array of mobile app security defenses. When an Appdome user clicks “Build My App,” Appdome leverages a microservice architecture filled with 1000s of security plugins, and an adaptive code generation engine that matches the correct required plugins to the development environment, frameworks, and methods in each app.

Mobile developers and non-developers use Appdome to build new apps and/or add new functionality to existing mobile apps instantly, without coding and without app wrapping. Integrations are organized by functional mobile service category. Customers can implement their choice of discrete security features, bundles of features, or full SDKs into any iOS or Android app in minutes without any development work. For each implementation, customers can choose additional instrumentation features or optimizations that extend SDK functionality, overcome framework limitations, or enable customers to achieve app-specific use cases, behaviors or user experiences that are unique to a target app or environment. Appdome works with any iOS and Android app, no matter how the app was built. Appdome customers achieve mobile outcomes for internally developed apps, ISV apps (B2E), or external consumer-facing apps (B2C or B2B2C) all without requiring app makers/developers or SDK providers to do any work – no source code changes, no product changes, no SDK or API changes.

Use cases and mobile service implementations available on Appdome include Mobile App Security, RASP, Enterprise Mobility (UEM, EMM, MDM, MAM), Authentication, Identity, IDaaS, Biometrics, Remote Access, MicroVPN, SSO, MFA, Mobile Threat Defense (MTD), Analytics, Collaboration, Messaging, Video, Voice, Chat, Mobile Permission Controls, and more (This list is non-exhaustive and always expanding).

Appdome’s patented Fusion method

Appdome’s patented no-code technology, called “Fusion”, is comprised of a code generation and assembly engine that implements all customer-selected features in less than a minute – fully automated, and without any coding. Appdome customers select features they want to implement, and click BuildMyApp. Upon clicking BuildMyApp, Appdome’s technology implements the features exactly as customers intend.  The end result of every implementation is a production-ready new app binary that customers can sign and immediately deploy to mobile end-users via their distribution method of choice. The Appdome platform works with any private or public app store. Customers can even deploy Appdome-built apps directly to an app store from within the Appdome workflow.  On top of that, mobile developers can fully automate their entire build processes with reusable implementation templates called Fusion Sets. Any feature or group of features on Appdome can be converted to a REST API and integrated into your  CI/CD toolset. This makes it easy to incorporate Appdome into your existing app delivery process or tooling, without changing the development workflow.

Appdome was designed from the ground up to enable mobile developers and non-developers to build security and new 3rd party services/SDKs/APIs into apps without manual coding. The Appdome platform doesn’t require specialized technical skills, so it can be used by different stakeholders and functional groups in an organization. Your Appdome service account can be configured to fit the needs of different organizational requirements, entitlements, or app delivery workflows. Appdome is used by mobile developers, line of business (LOB) owners, Security Ops,  DevSecOps, DevOps, IT, or product managers – as the

Appdome is compatible with all iOS and Android apps out of the box, meaning you don’t need to modify or prepare an app to work with Appdome. Appdome supports all platforms, mobile operating systems, development environments and frameworks. Using Appdome you can build apps from scratch or add new functionality to any .apk, .aab or .ipa in seconds.

Appdome’s Technology Delivers a Guaranteed Outcome for Mobile Security & Development Projects

When customers complete a project on Appdome, the outcome is similar to (and in most cases better than) what you would achieve if a team of mobile developers had coded the functionality or SDK manually into the source code – except with Appdome, the outcome is guaranteed, instant, and doesn’t require any coding or specialized skills.  Appdome doesn’t constrain your development choices, it liberates them. Developers are free to build apps in any environment they like. Appdome works with all apps – out of the box, no matter how the app was built. You can add security, mobile SDKs, and other mobile services to apps built natively or non-natively. Appdome reaches non-native apps that were built in frameworks like Cordova, React Native, Xamarin, Flutter effortlessly. No plugins are required.

Using Appdome customers implement 3rd party SDKs in seconds – with no coding. Appdome also extends SDKs to be compatible with all app frameworks automatically – without requiring the SDK provider to modify their SDK or build plugins. Appdome’s AI technology bridges framework and functionality gaps that inherently exist in any SDK. With Appdome you can complete multi-service implementations, adding services or SDKs across different mobile categories or even combining SDKs from different vendors together in the same workflow.

Build My App Button appdome build my app button

When customers click Build My App, Appdome rapidly generates codesets from thousands of discrete re-usable microservice modules, which are assembled into what we call ‘fusion adapters’. The fusion adapter becomes a part of the new app and ensures that the right functions, API calls, methods, UI elements, etc are invoked at the right time. For example, if the mobile SDK contains components that are required to run before the application loads (such as an EMM SDK that displays a provisioning screen, or a contextual step-up authentication request triggered by an MFA API) the Fusion Adapter orchestrates the app-SDK priority so that the right component is called in the right order, holding all other interactions until the requirements of the workflow are satisfied.

For developers, Appdome exposes advanced instrumentation so you can build custom workflows inside mobile apps using Appdome’s generic event framework which is part of our Appdome-DEV offering. Threat Events, in turn, interact with the app’s own unique event structure and logic, giving customers a universal instrumentation layer across all development enviorments.

Searching for Threat-Events anywhere in our Knowledge Base, you’ll find dozens of individual articles on this topic, each describing a specific use case.

The Power of Automated, No-Code Mobile App Security and Development

The Appdome platform completes every implementation in less than a minute, leveraging a collective and cumulative body of knowledge, having completed hundreds of thousands of implementations across tens of thousands of apps. Every implementation benefits from all previous work, and our AI-enabled coding engine gets smarter and smarter with each click of the Build My App button. appdome build my app button All this collective knowledge accrues to every customer, partner, app-maker, and SDK provider alike. This is a stark contrast from manual development or integration methods that rely on source code changes or manual development, and where knowledge is spread across individuals and no implementation ever benefits previous work.

Appdome’s AI engine leverages a massive body of accumulated knowledge on both the app side and the services side, and it implements the customer-selected services taking into account the existing app’s capabilities and bridging gaps to overcome incompatibilities between the app and the new services –  all taking into consideration knowledge about how the app functions. Here are some details:

On the app-side, when customers add apps to their Appdome account, the AI engine performs an app structure and integrity scan. As part of this check, Appdome discovers which app development frameworks were used to build the app. Our algorithms also map the app’s structural and logical elements, its capabilities, features, APIs and 3rd party SDKs. It builds a mapping of all 3rd party libraries (native and non-native) understanding the app’s resources, methods, control flows. It also understands how the app communicates internally and externally.

On the services (SDK) side, Appdome has built a large and diverse set of thousands of pre-built and reusable microservices across many different mobile service categories and SDKs. This information is stored and retained in our cloud platform and continuously updated. When customers click BuildMyApp, Appdome’s AI engine analyzes the set of features that the customer requested, performs a gap analysis between the app’s current capabilities and the new service/SDK, and then dynamically assembles and implements the relevant microservices in the right order – all while taking into account the existing app’s structure and logical flows and resolving any framework gaps, incompatibilities, and SDK limitations in real-time. The end result: A new app binary is produced within a minute which includes all the new functionality – all with no code changes, no SDK changes, and no changes to the environment or infrastructure in which the app operates.

If a mobile service, API, or SDK is listed on Appdome, that means Appdome’s AI algorithms have been  ‘trained’ on how to implement the service into any iOS or Android app without human coding. There are no external dependencies, constraints, or prerequisites on the app’s development or design methodologies. So there’s no prep-work or development work required before using Appdome. Bring any app to the platform and you can start your project immediately.

The repository of knowledge accumulated by the Appdome platform (on both the app side and the services side) continues to grow and build upon itself. And the Appdome platform implements new functionality adaptively and selectively, resulting in consistent implementations of the customer-selected services, all implemented by the platform within the context of the app’s unique composition.

This is how Appdome builds apps in seconds which would normally take an entire team of mobile developers and other highly skilled resources months to complete using manual coding.

For examples of how Appdome overcomes framework limitations, read this blog. 

Appdome Seals Every App to Prevent Tampering and Reverse engineering

Every time a customer builds an app using Appdome, the final package is sealed and protected automatically with Appdome ONEShield, Appdome’s app hardening (app shielding) technology. This protects the app from tampering, reverse engineering, malicious debugging or other non-sanctioned modifications to the app.

If you want to add other services or SDKs at a later time, you can re-build the app as many times as necessary. Appdome never changes the original app binary. The original binary you upload is always preserved in your account (just as you uploaded it) and it’s only accessible by you.

To zoom out on this topic, visit the Appdome Platform section on our website.

Thanks for visiting Appdome! Our mission is to make building and securing mobile apps easy for everybody. Open a free account today and let’s start building!  

Alan Bavosa

Have a question?

Ask an expert

KarenMaking your security project a success!