Monday, May 30, 2022

AppCAMO launches iOS app security solution AppCAMO-iOS

"Mobile apps are very vulnerable to hacking because the source code of the app is easily exposed as a decompilation tool (reverse engineering tool). AppCAMO-iOS protects iOS apps safely by thoroughly blocking hacking through static analysis prevention(Code Hardening) and dynamic analysis prevention(RASP : Runtime App Self-Protection) technology of AppCAMO-iOS when hackers attempt hacking using static analysis and dynamic analysis."


Fig. 1 iOS App Shielding Solution AppCAMO-iOS Security technologies


iOS app Vulnerabilities 

iOS is known to be secure as Apple fully owns its security controls, but it turns out that iOS has more security vulnerabilities than Android. And iOS jailbreak cases by hacking continue to increase. So, the assumption that iOS apps run in a secure environment can be risky.

iOS security problems mostly occur on jailbroken iOS devices, and it is possible to access system files inside iOS and control them remotely.

iOS apps are less secure than Android apps, and 40% of vulnerabilities found are fatal or severe, higher than Android's 36% (Checkmarx & AppSec Labs).

A study of the top 100 paid iOS apps in the Apple App Store found that 87% of them were hacked, 75% of the popular free iOS apps were hacked, and the percentage of popular iOS apps hacked has continued to rise over the past three years (ARXAN).

Fig. 2 Why you need iOS app security?

Attack cases such as tampering with iOS apps and infecting them with malware have been discovered, and it was confirmed that the game Pokemon Go, which recorded 500 million downloads worldwide, also has a cracked iOS version in circulation.

AppCAMO protects iOS apps from hacking and reverse engineering through Code Hardening and Runtime App Self-Protection (RASP) mechanisms. Since most app security solutions are SDK-based, learning time and coding are required to apply security technology to the app, but AppCAMO is web GUI-based, so you can easily apply app security technology with simple clicks.


The most powerful mobile application protector against hacking

AppCAMO-iOS is one of the most powerful app shielding solutions. It blocks hacking threats caused by reverse engineering and tampering by applying various app security technologies hierarchically.

AppCAMO-iOS is easy and convenient to use: after uploading the Xcarchive file, you select and apply the app security technology options in the web browser with just a few clicks.

Fig. 3 iOS app security solution AppCAMO-iOS architecture


14 powerful app security technologies

AppCAMO-iOS provides 14 security technologies, divided into static analysis prevention (Code Hardening) technology and dynamic analysis prevention (RASP: Runtime Application Self Protection) technology.

The static analysis prevention technology of AppCAMO-iOS protects the xcarchive file from hacking, which includes 

Name Obfuscation : It makes it difficult for hackers to analyze the source code by changing the source code. There are various technologies for obfuscation, and AppCAMO-iOS uses name obfuscation technology. Name obfuscation technology includes

- class name obfuscation

- method name obfuscation

- field name obfuscation

- property name obfuscation

- category method name obfuscation

- category property name obfuscation

- protocol name obfuscation

- protocol method name obfuscation

- protocol property name obfuscation

 

These technologies prevent hackers from getting any information from identifiers by changing identifiers such as classes, methods, fields, properties, categories, category properties, protocols, protocol methods, and protocol properties to arbitrary values that have no meaning in the source code. 

Usually, app developers give all of these identifiers meaningful names to make the source code easier to analyze and develop. For example, it is common to give the login screen a class name like "LoginActivity". This approach is good for analyzing and maintaining source code, but conversely, it makes it easy for hackers to analyze the source for malicious purposes. So, with the name obfuscation provided by AppCAMO-iOS, the "LoginActivity" class name is changed to "a1234sfjkasf", so a hacker cannot tell that it is LoginActivity. The purpose is therefore to make hackers give up, or to delay them, because analyzing the source code takes more time.

 

Name obfuscation changes the name of an identifier to a meaningless value. If identifiers used by a parsing module such as JSON that communicates with the server/DB, or identifiers used in dynamic class/method calls, are renamed by the obfuscation technology, errors may occur when running the iOS app. In this case, the user must enter those identifiers directly in the “obfuscation exclusion filter” so that name obfuscation is not applied to them. Name obfuscation cannot be applied to apps that use reflection as described above.

String Encryption : It finds hard-coded strings such as server addresses, API keys, user accounts, and tokens in the source code of the app, and encrypts them. It decrypts them only when the app is run in a secure environment. If a sensitive value such as a server address, an API key, a user account, or a token is exposed to a hacker, not only can the server be attacked, but other secondary damage may occur. Therefore, this security technology option is recommended for all apps by default.

Debug Information Removal : It removes the relevant area of the IPA so that method parameter names, local variable names, and line numbers from the original source code are not exposed when an app is decompiled, which makes source analysis more difficult.
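The name obfuscation failure mode and the "obfuscation exclusion filter" described above can be modeled as follows. This is an added example, not AppCAMO's code or filter syntax: the identifiers, server payload, glob-style filter patterns and renaming scheme are constructed assumptions, and the model is language-neutral rather than iOS-specific.

```python
import fnmatch
import hashlib
import json

# Constructed sample: identifiers a build might contain, by kind.
IDENTIFIERS = {
    "class": ["LoginViewController", "SessionStore", "LoginResponse"],
    "property": ["token", "userId", "retryCount"],
    "method": ["refreshSession", "showLogin"],
}

# Constructed sample: a server response decoded by key name, plus a screen
# name that the app resolves to a class at run time.
SERVER_PAYLOAD = json.dumps(
    {"token": "constructed-value", "userId": 42, "screen": "LoginViewController"}
)


def obfuscated_name(identifier):
    """Deterministic meaningless replacement name (illustrative scheme only)."""
    return "a" + hashlib.sha256(identifier.encode()).hexdigest()[:11]


def build_rename_map(identifiers, exclusion_filter=()):
    """Map each identifier to its shipped name; filter matches keep the original."""
    rename = {}
    for names in identifiers.values():
        for name in names:
            keep = any(fnmatch.fnmatchcase(name, p) for p in exclusion_filter)
            rename[name] = name if keep else obfuscated_name(name)
    return rename


def run_app(rename, payload=SERVER_PAYLOAD):
    """Simulate the two string-driven lookups against the shipped names."""
    shipped_classes = {rename[n] for n in IDENTIFIERS["class"]}
    shipped_props = {rename[n] for n in IDENTIFIERS["property"]}
    data = json.loads(payload)
    decoded, errors = {}, []
    # JSON decoding: keys arrive as strings from the server, so they can only
    # be matched against property names that still exist in the shipped app.
    for key in ("token", "userId"):
        if key in shipped_props:
            decoded[key] = data[key]
        else:
            errors.append(f"no property named {key!r} for JSON key")
    # Dynamic class lookup: the class name is a run-time string, not a symbol
    # reference the obfuscator could have rewritten.
    if data["screen"] not in shipped_classes:
        errors.append(f"no class named {data['screen']!r}")
    return decoded, errors


def runtime_strings(payload=SERVER_PAYLOAD):
    """Names that reach the app as data: JSON keys and string values."""
    data = json.loads(payload)
    return set(data) | {v for v in data.values() if isinstance(v, str)}


def missing_exclusions(rename, strings):
    """Identifiers that were renamed although something refers to them by string."""
    return sorted(n for n, shipped in rename.items() if n in strings and shipped != n)


if __name__ == "__main__":
    unfiltered = build_rename_map(IDENTIFIERS)
    print("without filter:", run_app(unfiltered))
    needed = missing_exclusions(unfiltered, runtime_strings())
    print("add to exclusion filter:", needed)
    print("with filter:", run_app(build_rename_map(IDENTIFIERS, needed)))
```

Running the same check against recorded API responses before release lists the names that must be excluded, while every other identifier stays obfuscated.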

The dynamic analysis prevention technology of AppCAMO-iOS detects and blocks hacking attempts while the app is running, which includes 

Jailbreak Detection : It detects whether a device is jailbroken when the app is run, and prevents the app from running if the device is jailbroken.

 

Debugger Detection : It prevents the app from running if an app is being debugged.  

 

Simulator Detection(Virtual Machine Detection) : It prevents the app from running if the app is run in a simulator.


Fig. 4 iOS app shielding solution AppCAMO-iOS security technologies


Multiple Apps Management Technology

AppCAMO-iOS makes it easier to manage app security technologies by providing management technologies such as user management, project management, task management, bulletin boards and statistics that are not available in other app security solutions. You can manage all history of various app security technologies, from the beginning to the latest.

 

No SDK, No Coding, The Only One that can provide GUI based Solution for easy to use

Unlike other solutions that require learning time and coding using SDK or plug-in, AppCAMO does not require learning time and coding to apply security technologies. AppCAMO is based on a web GUI that allows users to intuitively select and apply various app security technologies with just clicks.

Fig. 5 iOS App Security Solution AppCAMO-iOS Web Screen Layout


Corporate Standard Mobile Application Security Platform

In 2020, we built the iOS app security standard platform for SKtelecom. AppCAMO-iOS is applied to more than 50 apps of SKtelecom each year. This platform creates strategic R&D infrastructure with SKtelecom security team which guarantees systematic customer feedback, new requirements, stability, and credibility for AppCAMO-iOS.

Fig. 6 iOS App Security Standard Platform for a Mobile Carrier


System Specifications

The required specifications of H/W and S/W for the system structure and operation of the solution are as follows.


Fig. 6 iOS App Shielding Solution AppCAMO-iOS System Specifications

AppCAMO-iOS Prerequisites

- Xcode Latest Version

- Bitcode enabled Archive Build


"AppCAMO-iOS provides multi-layered protection technology that fundamentally blocks app hacking, and has world-class app security technology by providing app hacking detection and prevention technology even at runtime. We are expanding our sales not only in Korea but also in overseas markets such as Southeast Asia."


If you are interested in this solution or have any questions, please feel free to contact us below.

Mail : appcamo@appcamo.com

Tel : +82-2-6951-3296

Home Page : www.appcamo.com







Wednesday, May 25, 2022

AppCAMO releases Android App Shielding Solution AppCAMO-Android


AppCAMO-Android protects Native apps such as Java, Kotlin, and frameworks such as Cordova, Ionic, React Native against hacking

Mobile applications or apps are fast becoming a popular channel for organizations to serve their customers. The variety of mobile devices at very affordable prices and the availability of internet connections have contributed to the overwhelming use of apps by millions of people. As a result, apps have become critical to these organizations’ success and survival.

Unfortunately, hackers have discovered that apps can also be used for their criminal activities. Hackers can easily reverse engineer mobile apps using decompilers to restore the original source code from your apps and insert their own code (often malicious or malware code) into them. The malware can do a variety of things, from simply displaying unwanted and nuisance advertisements to more serious actions such as stealing credentials, cloning, bypassing licenses, financial fraud, remote control, and more, each of which can lead to serious consequences.


Fig.1 Mobile App Hacking Threats

Fig.2 Mobile App Hacking Status


The Most Powerful Mobile App Protector against Hacking

AppCAMO-Android is a powerful app security solution that blocks hacking threats caused by reverse engineering and tampering by applying various app security technologies (decompilation prevention, encryption, obfuscation, repackaging prevention, etc.) hierarchically. AppCAMO-Android is easy and convenient to use: after uploading the APK or AAB file, you select and apply the security technology options in the web browser with just a few clicks.


Fig.3 Mobile App Security Solution AppCAMO-Android


Over 20 App Security Technologies

AppCAMO-Android provides more than 20 security technologies that conform to OWASP (Open Web Application Security Project), divided into static analysis prevention (Code Hardening) technology and dynamic analysis prevention (RASP: Runtime Application Self Protection) technology.

AppCAMO-Android's static analysis prevention(Code Hardening) technology protects APK or AAB files against hacking : 

Decompile Prevention : It prevents hacking by deterring the restoration of source code by the most popular decompilers such as APKtool, Dex2Jar, Jadx, and APKtool extensions. It is the second strongest app security technology after code encryption. By preventing the source code from being exposed, it can block the possibility of tampering and prevent the exposure of sensitive information like algorithms. Since it does not affect the running speed of the app, it is recommended to apply this technology to all apps. When reviewing an app security solution, it is imperative to ensure that it offers this technology.

 

Repackaging Prevention : It prevents hacking by causing errors during rebuild, on the assumption that the source code of an app has been extracted by a very powerful decompiler. It can greatly reduce the chances of the app being tampered with.

 

Name Obfuscation : There are class name obfuscation, method name obfuscation, and field name obfuscation. Obfuscation delays or prevents source analysis by making it difficult to analyze decompiled sources. Name obfuscation replaces the names of classes, methods, and member variables in the source code with meaningless values to prevent any semantics from being resolved from the identifiers. Because obfuscation technology basically assumes that there is a decompiled source, it is less secure than encryption technology or decompile prevention technology.

 

Code Encryption : It is the strongest app security technology and encrypts all DEXs(that is, all source code) so that the source code created by the developer is not exposed by the decompilers, and it decrypts and executes only in a safe environment during runtime. Android apps developed in Java or Kotlin are recommended to use it because most executable code is stored in DEX files. It encrypts components such as activities, services, intents, application classes, receivers, and content providers defined in the app's manifest file and all classes belonging to the app's package name defined in the manifest file.

 

String Encryption : It finds hard-coded strings such as server addresses, API keys, user accounts, and tokens in the source code of the app, and encrypts them. It decrypts them only when the app is run in a secure environment. If a sensitive value such as a server address, an API key, a user account, or a token is exposed to a hacker, not only can the server be attacked, but other secondary damage may occur. Therefore, this security technology is recommended for all apps by default.

 

Resource Encryption : It encrypts resources in the asset folder, such as images, data files, JavaScript, HTML, and CSS, to prevent data leakage.

 

Hybrid App Encryption (JavaScript Encryption, WebView Encryption) : It encrypts hybrid apps (WebView), supporting frameworks such as Cordova and Cordova extensions, Ionic, and React Native. A hybrid app's critical behavioral logic is written in JavaScript, which resides in the resource area and is therefore not subject to name obfuscation or code encryption. In this case, this technology encrypts the JavaScript so that no code or data is exposed. Although it is highly secure and powerful, it is difficult to implement, so some vendors mainly provide JavaScript obfuscation or JavaScript string encryption.

 

Custom Hybrid App Encryption (Custom WebView Encryption) : It encrypts custom hybrid apps (WebView), supporting custom frameworks.

 

Debug Information Removal : It removes the relevant area on the DEX so that method parameter names, local variable names, and line numbers on the original source code are not exposed when an app is decompiled, and it makes source analysis more difficult.

 

Logcat Log Removal : It prevents the output of logcat log messages written by developers for debugging purposes while developing an app. It is recommended to remove the logs because the logs written by developers can expose sensitive information such as personal information entered by users, response messages received from the server, or server API addresses.

 

Depending on the characteristics of the app to which the app security technology is to be applied, you can select and apply the app security technology options that prevent static analysis as above. 

 

 

AppCAMO-Android's dynamic analysis prevention(RASP) technology detects and blocks hacking threats while the app is running : 

 

Tampering Detection : It checks whether the source code or the files of an app have been modified. It prevents the app from running if the app has been tampered with.

 

Debugger Detection : It prevents the app from running if an app is being debugged.  

 

Root Detection : It prevents the app from running if an app is run on a rooted device.

 

Emulator Detection(Virtual Machine Detection) : It prevents the app from running if the app is run in an emulator.

 

Root Hide Detection (Root Cloaking Blocking) : Hacking apps such as Magisk/Magisk Hide disable root detection by modifying or disguising the files, permissions, processes, etc. that are changed in the process of rooting, so that they cannot be detected. If the app detects these, it shuts itself down to prevent it from being hacked.

 

Hacking Tool Detection (Frida Detection) : It detects the execution of Frida and causes the app to shut itself down in the manner recommended by OWASP. Frida is a tool for testing and fixing problems by controlling apps running on various operating systems (Android, iOS, Windows, etc.). This tool is often used for hacking. With Frida, hackers can write scripts to change the behavior of the app as desired.

 

API Hooking Prevention : API hooking refers to detecting a function that an app calls to perform a specific operation, and then executing a hacker-defined function when that function is called, changing the result value, or recording the call parameters. Using Frida's API hooking technology, a hacker can make certain functions of an app malfunction. API hooking prevention is a self-defense mechanism that prevents hacking by self-terminating when API hooking is detected in the app, or when the app is in an environment where API hooking is possible.

 

Memory Hacking Prevention : It detects environments in which memory hacking of the app is possible and shuts the app down to prevent it from being hacked. Memory hacking refers to reading values that the app stores in memory while it is running in order to steal information from the app, or changing those values to cause the app to malfunction. Using Frida's memory hacking technology, hackers can adjust the scores and stats of game apps, or extract information from the server.

 

Screen Capture Prevention : It prevents screen capture of an app. With this technology, capturing the app screen is blocked, and important information displayed in the app can be prevented from being leaked out to the outside. Use this technology if the app is developed for business and information should not be leaked outside.

 

Clipboard Copy Prevention : It prevents screen capture of an app. With this technology, capturing the app screen is blocked, and important information displayed in the app can be prevented from being leaked out to the outside. Use this technology if the app is developed for business and information should not be leaked outside.

 

Usage Time Control : It specifies the times at which an app may be run. Outside the specified time, the app is blocked from running. Use it if you want to limit the app to business hours only.

 

Depending on the characteristics of the app to which the app security technology is to be applied, you can select and apply the app security technology options that prevent dynamic analysis as above. 


Solution Specifications



"AppCAMO-Android provides 4 Layered Protection Technology that fundamentally blocks app hacking, and has world-class app security technology by providing app hacking detection and prevention technology even at runtime. We are expanding our sales not only in Korea, but also in overseas markets such as Southeast Asia and the United States." 

If you are interested in this solution or have any questions, please feel free to contact us below.

Mail : appcamo@appcamo.com

Tel : +82-2-6951-3296

Home Page : www.appcamo.com














Thursday, May 12, 2022

AppCAMO, World Class App Shielding Solution against Hacking

 

"Mobile apps are very vulnerable to hacking as the source code of the app is easily exposed by decompilers(reverse engineering tools). AppCAMO-Android protects mobile apps by thoroughly blocking hacking through AppCAMO-Android's static analysis prevention(Code Hardening) technologies and dynamic analysis prevention(RASP : Runtime Application Self Protection) technologies when hackers attempt to hack by static analysis and dynamic analysis. AppCAMO-Android provides more than 20 static analysis prevention technologies and dynamic analysis prevention technologies that comply to OWASP."


Why AppCAMO


Industry's First 4-Layered Protection Technologies

AppCAMO uses 4-layered protection technologies to ensure proactive defense of your app. It protects your app against hacking by applying our powerful security technologies including decompile prevention, encryption, obfuscation and repackaging prevention in a complementary and hierarchical way.

Layer 1 : Decompile Prevention Technology (prevents hackers from decompiling apps)

Layer 2 : Encryption Technology (code, string, and resource)

Layer 3 : Obfuscation Technology (class name, method name, and field name)

Layer 4 : Repackaging Prevention Technology (even if a hacker breaks through layers 1, 2, and 3, an error occurs when repackaging the app and eventually the hack fails)

Fig.1 App Obfuscation Solution AppCAMO's 4-Layered Protection Technologies



  

Fig. 2 is an example of applying decompile prevention technology. Decompile prevention technology prevents reverse engineering of an app with decompiling tools such as Dex2Jar, Jadx, Apktool and Apktool extensions. If a hacker tries to decompile the app after this technology has been applied, an error occurs during decompilation and the decompilation stops, or the source code of the app becomes invisible. This is the second most powerful application security technology after code encryption, which is the strongest security technology because it encrypts all the source code of the app. By preventing the source code from being exposed, it can block tampering and the exposure of sensitive information such as algorithms and how the app works. Since this technology does not affect the execution speed of apps, it is recommended to apply it to all apps by default. When you review application shielding solutions, it is necessary to see if they offer this technology.


Fig.2 Application Security Solution AppCAMO's Before & After applying Decompile Prevention Technology



Fig. 3 is an example of applying string encryption. String encryption technology finds and encrypts strings in the app's source code, and decrypts them only when the app is run in a safe environment. You can check strings in the decompiled source code of the app, and if sensitive values such as server address, API key, user account, and token are exposed to hackers, secondary damage such as server attack may occur. Therefore, we recommend that this technology be used by default when you apply an app security solution to the app.

 

Fig.3 Application Security Solution AppCAMO's Before & After applying String Encryption Technology


Fig. 4 is an example of applying repackaging prevention technology. This technology prevents repackaging by causing an error when an app protected with repackaging prevention technology is repackaged after being decompiled. This technology can significantly reduce tampering with the app.

 


Fig.4 Application Security Solution AppCAMO's Before & After applying Repackaging Prevention Technology



Corporate Mobile Application Security Standard Platform

We built the mobile app security standard platform for large corporations for the first time in the world. AppCAMO is applied to more than 250 apps of major mobile carriers SKtelecom and LGU+ every year.

Fig. 5 AppCAMO - Corporate Mobile Application Security Standard Platform



Stable Use on 70% Korean Smartphones

When a new Android version is released, it is possible to secure technology stability ahead of any competitors by applying AppCAMO to the preload apps of SKtelecom and LGU+ before the launch of the smartphone, and AppCAMO applied apps are stably used on the smartphones of 35 million subscribers, that is, 70% of smartphones in Korea.


Android App Bundle(AAB) Support

Android App Bundle is a model proposed by Google for efficient application service operation by reducing the app size. When a user downloads an app, Google Play Store creates and distributes an APK which is composed of resources and components suitable for each user's device, reducing the application size and disk allocation size. And the application installation time is also reduced. AppCAMO can apply more than 20 application security technologies to AAB files as well.

 

​No SDK, No Coding, Ease of Use by Web Browser

AppCAMO allows users to intuitively and easily select and apply various application security technologies through a web GUI, and unlike other solutions, AppCAMO doesn't require time spent learning configuration files or command lines in order to use the solution.

 

Multiple Applications Management 

AppCAMO provides management features such as user management, keystore management, project management, task management, bulletin boards, and statistics to make managing application security technologies more convenient. You can manage the history of applying various application security technologies, from the beginning to the latest.

 

More than 20 powerful Application Security technologies that comply with OWASP

AppCAMO provides more than 20 security technologies that comply with OWASP(Open Web Application Security Project), and includes static analysis prevention(Code Hardening) technologies and dynamic analysis prevention(RASP: Runtime Application Self Protection) technologies.


Static analysis prevention(Code Hardening) technologies protect APK files from hacking.

Decompile Prevention, 

Repackaging Prevention,

Class Name Obfuscation,

Method Name Obfuscation,

Field Name Obfuscation,

Code Encryption,

String Encryption,

Resource Encryption,

Hybrid Application(JavaScript Encryption, WebView) Encryption,

Custom Hybrid Application(WebView) Encryption,

Debug Information Removal,

Logcat Log Removal and more.

 

Dynamic analysis prevention(RASP) technologies detect and block hacking attempts while an application is running.

Tampering Detection,

Debugger Detection,

Root Detection,

Emulator Detection,

Root Hide Detection(Magisk/Magisk Hide Detection),

Frida Detection,

API Hooking Prevention,

Memory Hacking Prevention,

Screen Capture Prevention,

Clipboard Copy Prevention,

Usage Time Control and more.

 

"AppCAMO, Inc. is a mobile application security company. AppCAMO is also the name of the application security solution. AppCAMO-Android provides 4 Layered Protection Technology that fundamentally blocks application hacking, and has world-class application security technology by providing application hacking detection and prevention technology even at runtime. We are expanding sales not only in Korea but also in overseas markets such as Southeast Asia”

 

If you are interested in or have any questions about this solution, please contact us below.

 

Mail: appcamo@appcamo.com

Phone: +82-2-6951-3296

www.appcamo.com

Room 516, 5FL, Seoul Forest IT Valley 77, Seongsuil-ro, Seongdong-gu, Seoul 04790, Korea









AppCAMO provides Frida Detection for iOS App, which detects API hooking and memory hacking

  App shielding solution AppCAMO-iOS strongly protects iOS apps from threats that may occur when running iOS apps, by not only providing RAS...