Learn 4 Easy Steps to Store Encrypted Secrets in Android & iOS Memory. Protect app secrets in encrypted memory. No Code, No SDK, Continuous Security.
With In-App Generated Seed and Smart Offline Handoff for Data at Rest Encryption, you can store and encrypt secrets in protected memory and seed it with an external secret. The secret can be derived from a backend server or from user input. Appdome’s Storing in Protected Memory enables you to protect those secrets by storing them in the mobile app’s encrypted memory.
This Knowledge Base article summarizes the steps needed to store those external secrets used by a mobile app in the app’s encrypted memory.
We hope you find it useful and enjoy using Appdome!
Although the application’s memory is protected from other malicious applications using iOS and Android sandboxing, there are multiple cases when the memory is not protected:
vm_read to view the app memory.
Most of those scenarios are covered by Appdome Jailbreak and Root Detection and Anti-Debugging protection. In addition, to fully protect and harden any mobile app data and secrets, Appdome developed the Storing in Protected Memory solution.
Using a special technique, Appdome stores the sensitive data (secrets) and encrypts it in the process’s memory. The data remains encrypted throughout the entire runtime of the process. When the application itself accesses this memory, it reads the original data, while external access reads only the encrypted data.
Due to the nature of encrypted memory, memory access takes longer than usual. For this reason, Appdome does not encrypt the entire process memory, but only the essential information that is generated from the application when enabling Appdome’s In-App Generated Seed and Smart Offline Handoff.
When Appdome stores those generated keys, it uses encrypted memory, so the secrets are protected. Note that in order to fully protect the keys, the app developer is required to exercise responsible coding practices and wipe the secret from within the app code after passing it to Appdome. Otherwise, if the application’s memory is dumped, the secret will appear there. Remember – a chain is only as strong as its weakest link!
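The wipe-after-handoff practice described above, as an added example in C for native app code (it is not Appdome code and not part of the original article). The functions `read_secret_into` and `handoff_secret` are hypothetical stand-ins for the app's secret source and for passing the secret to the protected store, and the secret bytes are constructed sample data.

```c
#include <stddef.h>
#include <stdio.h>

#define SECRET_LEN 32

/* Zero a buffer through a volatile pointer. A plain memset() on a buffer
 * that is never read again may be removed by the optimizer as a dead
 * store; volatile stores are not. Where available, memset_s() or
 * explicit_bzero() serve the same purpose. */
static void secure_wipe(void *buf, size_t len) {
    volatile unsigned char *p = (volatile unsigned char *)buf;
    while (len--) *p++ = 0;
}

/* HYPOTHETICAL source: stands in for a backend response or user input.
 * Writes constructed bytes straight into the caller's buffer so no
 * second plaintext copy exists. */
static void read_secret_into(unsigned char *buf, size_t len) {
    for (size_t i = 0; i < len; i++) buf[i] = (unsigned char)(i * 7 + 1);
}

/* HYPOTHETICAL handoff: stands in for passing the secret to the
 * protected store. It records only the length it received. */
static size_t g_handoff_len = 0;
static void handoff_secret(const unsigned char *secret, size_t len) {
    (void)secret;
    g_handoff_len = len;
}

/* Obtain, hand off, wipe. Returns the number of non-zero bytes left in
 * the app-side buffer afterwards (0 means the buffer was fully wiped). */
size_t provision_secret(void) {
    unsigned char secret[SECRET_LEN];
    size_t residue = 0;

    read_secret_into(secret, sizeof secret);
    handoff_secret(secret, sizeof secret);
    secure_wipe(secret, sizeof secret);   /* wipe right after handoff */

    for (size_t i = 0; i < sizeof secret; i++) residue += (secret[i] != 0);
    return residue;
}

int main(void) {
    printf("bytes left after wipe: %zu\n", provision_secret());
    return 0;
}
```

The same discipline applies to every intermediate copy of the secret (parsing buffers, decoded forms): each one needs its own wipe, since any unwiped copy is what a memory dump will reveal.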
Appdome is a mobile integration platform as a service (iPaaS) that allows users to add a wide variety of features, SDKs, and APIs to Android and iOS apps. Using a simple ‘click to add’ user interface, Appdome allows anyone to easily implement storing in protected memory to any mobile app – instantly, no code or coding required.
Using Appdome, there are no development or coding prerequisites. For example, there is no Appdome SDK, libraries, or plug-ins to implement. Likewise, there is no requirement to implement data at rest encryption manually or encrypt the entire memory in order to protect the application secret. Using Appdome, mobile apps will have data at rest capabilities as if they were natively coded into the app. Except using Appdome, the integration takes less than a minute, and there’s no coding at all.
Follow these step-by-step instructions to enable Storing in Protected Memory for any mobile app.
Please follow these steps to add a mobile app to your Appdome account.
Congratulations! You now have a mobile app fully integrated with Store in Protected Memory.
We built an example app with Storing in Protected Memory. The app stores a string in protected memory and prints it.
Here is the application output. The data was printed correctly by the application:
However, when we look at the memory that stores it using the lldb debugger, we can see the data is encrypted:
The encryption changes among executions, so when the application was executed again, the memory held different data:
After successfully securing your app using Appdome, there are several available options to complete your project, depending on your app lifecycle or workflow. These include:
Or, see this quick reference Releasing Secured Android & iOS Apps built on Appdome.
This topic expands on Data at Rest encryption. You can read more about it at Data at rest encryption for mobile apps.
Check out the full menu of features in the Appdome Mobile Security Suite
If you have any questions, please send them our way at firstname.lastname@example.org or via the chat window on the Appdome platform.