Digital.ai Application Protection for Android
Formerly Arxan
Code, key, and data protection plus threat detection for apps written in Java or Kotlin as well as C/C++ Android libraries.
Protecting Android apps and understanding their threat posture are critical to managing risk in today’s zero-trust world.
Protect
Cybercriminals can exploit mobile apps by reverse engineering them to expose code and steal customer identities, intellectual property, or gain access to back office systems.
Digital.ai Application Protection for Android protects mobile apps with code hardening technology, enabling runtime protection against reverse engineering and code tampering along with the ability to repair attacked code and disable app functionality when attacked.
Alert
Equally important to code protection is threat detection and alerting. The ability to detect and alert on active reverse engineering or tampering attacks is essential to getting in front of Android app attacks - stopping them before they go viral.
With integrated threat detection and alerting, Digital.ai Application Protection for Android closes the loop between protecting Android apps and understanding their real-time threat posture.
Encrypt
Providing full protection for Android apps also requires that communication keys, API locations, and critical in app data be encrypted to protect against attacks.
Digital.ai Key & Data Protection delivers added security by encrypting static and dynamic keys and sensitive application data with white-box cryptography that utilizes mathematical techniques and transformations to blend together app code and keys to secure cryptographic operations.
Multi-layered approach to protecting android applications
Protection at the speed of DevOps - rapidly inject essential app code protections and threat detection sensors after code development, without disrupting your DevOps process.
Real-time alerting - notifies organizations: if apps are running on rooted devices, when reverse engineering attacks are in progress, or other suspicious behavior via Digital.ai App Aware.
Static protection - obfuscates source code, making it harder for attackers to understand and analyze for reverse engineering.
Active protection - in the event of reverse-engineering, tampering, or malware attacks, the app can be shut down, sandboxed, self-repaired, or behavior changed in response.
Randomized code obfuscation – inserting honeypots and deceptive code patterns to increase the difficulty of reverse engineering and tampering.
Continuous platform support – Digital.ai is committed to delivering platform support for the latest versions of Android operating systems within five days of release.
Rapid Android app security
- Essential, unmatched Android app protection integration within minutes
- Streamlined integration with DevSecOps and CI/CD environments
- Immediate discovery of an app’s risk posture from the moment it’s published
Digital.ai Application Protection for Android tech specs
Languages
- Java
- Kotlin
- C/C++
IDE/Compilers
- Android Studio
- Android NDK
DevOps tool integrations
- Jenkins
- Puppet
Additional resources
Digital.ai App Aware Solution Brief
Digital.ai App Aware is an integrated service that provides visibility into the security posture of protected applications.
White-Box Cryptography
White-box cryptography uses encryption, obfuscation, and mathematical transformations to secure keys and critical data inside the applications running.
The Vulnerability Epidemic in Financial Services Mobile Apps
New research by Aite Group on the state of financial services mobile app security.