Prevent Mobile Malware using Cryptographic Validation and Anti-Tampering — <no code required>

Security Best-Practices for mobile app developers

The time to value and the risk vs. reward are simply too good for mobile malware developers to pass up. This has led more mobile app developers to embrace controls like anti-tampering and checksum verification to prevent mobile malware and to protect their apps.

What is mobile malware?

Mobile malware developers get your apps by downloading them from public stores like Apple’s App Store or Google Play, or alternative app stores like Cydia, APK Mirror, APK Pure, or dozens of others. Then they use reverse engineering techniques or dynamic instrumentation tools like FRIDA to inject malicious code inside your real app, and then distribute the malware-loaded ‘replica’ of your app as if it were… you guessed it… your app. You can’t easily prevent them from getting your app or even distributing your app. But you do have control over the “fill ’em with malicious code” piece. As a mobile application developer, you can make it very difficult to modify your apps successfully by leveraging security controls like checksum verification and anti-tampering. Below are a few techniques you can use to prevent mobile malware without any coding.

Preventing mobile malware starts with building apps that can’t easily be tampered with or reverse engineered.

Prevent Mobile Malware with Checksum Validation

Checksum validation uses cryptography to validate that your mobile app has not been altered since you released it.
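To make the idea concrete, here is an added example (not code from this post or from the Appdome platform) that records a SHA-256 digest for every entry in a release package, authenticates that manifest, and later reports which entries of a repackaged copy were modified, added, or removed. The file names, the function names, and the HMAC key standing in for a release signature are assumptions made for illustration.

```python
import hashlib
import hmac
import io
import zipfile

# Constructed stand-in for a release signing key; a real pipeline would use
# an asymmetric signature so the verifier holds no secret.
RELEASE_KEY = b"constructed-demo-key"

def build_package(files):
    """Build an in-memory zip (the container format of an APK) from {name: bytes}."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in sorted(files.items()):
            zf.writestr(name, data)
    return buf.getvalue()

def make_manifest(package):
    """Return {entry name: SHA-256 hex digest} for every entry in the package."""
    with zipfile.ZipFile(io.BytesIO(package)) as zf:
        return {n: hashlib.sha256(zf.read(n)).hexdigest() for n in zf.namelist()}

def seal(manifest):
    """Authenticate the manifest so digests cannot be swapped along with the files."""
    body = "\n".join(f"{n}:{d}" for n, d in sorted(manifest.items())).encode()
    return hmac.new(RELEASE_KEY, body, hashlib.sha256).hexdigest()

def verify(package, manifest, tag):
    """Return a sorted list of findings; an empty list means the package is unaltered."""
    if not hmac.compare_digest(seal(manifest), tag):
        return ["manifest: authentication tag mismatch"]
    current = make_manifest(package)
    findings = []
    for name in sorted(set(manifest) | set(current)):
        if name not in current:
            findings.append(f"{name}: removed")
        elif name not in manifest:
            findings.append(f"{name}: added")
        elif not hmac.compare_digest(current[name], manifest[name]):
            findings.append(f"{name}: modified")
    return findings

# Constructed sample data: a release build and a repackaged copy of it.
RELEASE = build_package({"classes.dex": b"original code", "res/icon.png": b"\x89PNG"})
TAMPERED = build_package({"classes.dex": b"original code + extra bytes",
                          "res/icon.png": b"\x89PNG", "lib/extra.so": b"added file"})
MANIFEST = make_manifest(RELEASE)
TAG = seal(MANIFEST)
```

The manifest is only as trustworthy as its tag: regenerating digests from the altered package produces a manifest that no longer matches the sealed value, so the check fails before any per-file comparison.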

Prevent Mobile Malware with Anti-Tampering

Anti-tampering can also detect logic modifications at run-time. In the simplest terms, your app is supposed to execute following the structure A-B-C. But it has been maliciously modified and now follows the structure A-C-B or Z-A-X. The anti-tampering protection will detect the modifications and disallow the app from running. This is a great way to ensure that the app you wrote is the app being used without malware or other malicious modifications added. In short, it helps in keeping the bad peeps out.

You might ask, “Hey Alan, why do you need both? Isn’t that a bit of a ‘belt and suspenders’ approach?” The answer is that you do need both (in fact, to build a multi-layered security defense, you should also be looking at obfuscation and data encryption as well as other security features). Checksum validation and anti-tampering are security features that prevent unauthorized app modifications in different ways, each of which complements the other. The reason you want a layered approach is that hackers have many, many ways to compromise your app and your security defenses, so you need to stop them at every angle. To maximize effectiveness, solid security solutions combine multiple detection and prevention methods that operate on different API layers, at different trigger points or time periods, and are well distributed throughout the app.

Thanks for reading! This blog is part of a series focused on raising security awareness among mobile developers and sharing best practices, use cases, and new ‘no-code’ techniques for developers to build secure apps faster by automating mobile app security. All of the practical examples in this series can be found on the Appdome platform or within our Knowledge Base.

Originally published at on July 15, 2020.

ALAN BAVOSA is VP of Security Products at Appdome, a no-code mobile app security and development platform.