Thursday, June 23, 2022

App shielding solution AppCAMO secures Hybrid (Cross-Platform) apps







"App obfuscation solution AppCAMO protects Android native apps such as Java and Kotlin, iOS native apps such as Objective-C and Swift, and Cross-Platform apps (hybrid apps) such as Cordova, Ionic, React Native, and Cordova extensions against reverse engineering and tampering."

When developing mobile apps, Java and Kotlin are typical for Android, and Objective-C and Swift are common for iOS. However, to develop apps in these languages, developers need to understand both sets of languages and both OS platforms. This requires more developers and, of course, also increases the cost of operation and maintenance.

Fig.1 Cross-Platform React Native







So, to solve this problem, cross-platform frameworks such as Cordova, Ionic, React Native, and Cordova extensions have emerged. These are open source frameworks that let developers build Android and iOS apps simultaneously in a single programming language, JavaScript.

Fig. 2 Cross-Platform Cordova and Ionic

In hybrid apps based on these frameworks and on custom frameworks, the important operating logic of the app is written in JavaScript, which sits in the app's resource area and is therefore not subject to name obfuscation or code encryption. In this case, we encrypt these files with AppCAMO's hybrid app encryption technology to ensure that no code or data is exposed. This hybrid app security technology is highly secure and powerful, but difficult to implement, so other app security vendors mainly provide JavaScript obfuscation or JavaScript string encryption.
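To check on your own build whether the JavaScript in the resource area is readable, the following added example (not AppCAMO code, and not from the original post) lists the hybrid JavaScript assets in an APK and reports each as plaintext or opaque. The asset paths are the frameworks' usual defaults, the text heuristic is an assumption, and the sample APK is constructed inline.

```python
import io
import zipfile

# Usual default locations of hybrid-app JavaScript inside an APK (assumption:
# Cordova/Ionic web roots and React Native's default bundle name).
HYBRID_PREFIXES = ("assets/www/", "assets/public/")
HYBRID_FILES = ("assets/index.android.bundle",)
JS_TOKENS = (b"function", b"=>", b"var ", b"const ", b"require(")


def looks_like_plain_js(data: bytes) -> bool:
    """Heuristic: mostly printable ASCII and contains a common JS token."""
    sample = data[:4096]
    if not sample:
        return False
    printable = sum(1 for b in sample if b in (9, 10, 13) or 32 <= b < 127)
    return printable / len(sample) > 0.9 and any(t in sample for t in JS_TOKENS)


def audit_apk(apk_bytes: bytes) -> dict:
    """Map each hybrid JavaScript asset to 'plaintext' or 'opaque'.

    'opaque' only means the file is not readable text (encrypted, bytecode,
    compressed); it says nothing about how strong the protection is.
    """
    report = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for name in apk.namelist():
            in_web_root = name.startswith(HYBRID_PREFIXES) and name.endswith(".js")
            if in_web_root or name in HYBRID_FILES:
                state = "plaintext" if looks_like_plain_js(apk.read(name)) else "opaque"
                report[name] = state
    return report


def build_sample_apk() -> bytes:
    """Constructed sample: a minimal zip laid out like a hybrid-app APK."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("classes.dex", b"dex\n035\x00")
        z.writestr("assets/www/js/app.js",
                   "var API = 'https://api.example.invalid';\n"
                   "function login(u, p) { return post(API, u, p); }\n")
        z.writestr("assets/index.android.bundle", bytes(range(256)) * 8)
    return buf.getvalue()


if __name__ == "__main__":
    for path, state in sorted(audit_apk(build_sample_apk()).items()):
        print(f"{state:9} {path}")
```

Any asset reported as plaintext exposes server addresses and request formats to anyone who unzips the package, which is the exposure the paragraph above describes.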

AppCAMO provides strong protection by encrypting all of the JavaScript, which holds the core logic of hybrid apps developed with the Cordova, Cordova Extension, Ionic, and React Native frameworks and their custom frameworks. In addition, the native code of hybrid apps is also secured with AppCAMO's static analysis prevention (Code Hardening) and dynamic analysis prevention (RASP: Runtime App Self-Protection).

AppCAMO's static analysis prevention protects APK or AAB files from hacking.

- decompile prevention
- repackaging prevention
- class name obfuscation
- method name obfuscation
- field name obfuscation
- code encryption
- string encryption
- resource encryption
- hybrid app encryption
- custom hybrid app encryption
- debug information removal
- Logcat log removal, and more

 

AppCAMO's dynamic analysis prevention blocks hacking attempts while apps are running.

- tamper detection
- debugger detection
- root detection
- emulator detection
- root hide detection (Magisk/Magisk Hide detection)
- hacking tool detection (Frida detection)
- API hooking prevention
- memory hacking prevention
- screen capture prevention
- clipboard copy prevention
- app usage time control, and more

JavaScript frameworks such as React Native, Cordova, and Ionic simplify app development, but because they are not compiled to native code, they often suffer from poor app performance. However, Flutter is increasingly being chosen by developers because it allows them to build high-performance apps with fewer resources than native apps.

Fig. 3 Cross-Platform Flutter

AppCAMO will also provide security support for the Flutter framework. We would like to end today's post with a promise to bring you good news soon.

"App security solution AppCAMO provides multi-layered protection technology that strongly blocks app hacking, and has world-class app security technology by providing app hacking detection and prevention technology even at runtime. We are expanding our sales not only in Korea, but also in overseas markets such as Southeast Asia and the United States."

If you are interested in this solution or have any questions, please feel free to contact us below.

Email : appcamo@appcamo.com

Phone : +82-2-6951-3296

www.appcamo.com








Wednesday, June 1, 2022

AppCAMO, App Security Consulting Case in Southeast Asia

"Mobile apps are very vulnerable to hacking because the source code of the app is easily exposed by decompilation tools (reverse engineering tools). AppCAMO uses its static analysis prevention technology (code hardening) and dynamic analysis prevention technology (RASP: Runtime Application Self Protection) when hackers try to hack mobile apps by static analysis and dynamic analysis. It protects mobile apps safely by thoroughly blocking hacking. AppCAMO-Android provides more than 20 static analysis prevention technologies and dynamic analysis prevention technologies that comply with OWASP, and AppCAMO-iOS provides more than 14 static analysis prevention technologies and dynamic analysis prevention technologies."


Mobile app shielding solution AppCAMO has proven its stability and security by being used in thousands of apps and 35 million smartphones every year through strategic R&D partnerships with large companies in Korea from 2014 to now. In addition to mobile carriers, customers continue to expand to fintech companies, financial companies, government agencies, large SI companies, physical security companies, railway companies, telecommunication service companies, software development companies, app development companies, government organizations, and local governments. In addition, we have been promoting overseas business and producing results in Southeast Asia since 2019.

Fig. 1 Mobile App Shielding Solution AppCAMO 4-Layered Protection Technology

Today, we would like to tell you a security story about a service app in Southeast Asia that is similar to KakaoTalk in Korea. In Southeast Asia, apps are frequently hacked, so many cloned apps are in use. In the case of the F* app in a Southeast Asian country, there are many duplicate apps, so internet phone traffic is high, but ARPU (average monthly subscriber revenue) is continuously falling. A major wireline operator that was providing internet phone service with this app requested app security consulting from AppCAMO, Inc., and AppCAMO, Inc. provided the following consulting.


Fig. 2 Android App Security Solution AppCAMO-Android Security Technologies


In the case of an attack using an already exposed SIP server address or an attack using the API integration method, server security is required first, so securing only the app may not be effective against the attack. Therefore, we first identified how the hacker was attacking, and then took security measures suited to that attack.

If AppCAMO technology is applied to the F* app, it prevents exposure of the server address, the method of interworking with the server, and the algorithm, and prevents the losses caused by free use of the service through a tampered app. However, we emphasized that complete security cannot be achieved unless the servers are changed together with the app.

First, we identified the types of hacker attack. Here are the types of attacks: 

The first is that the existing F* app was not secure, so a tampered F* app was distributed to users, and abnormal traffic was generated through this app. 

Second, the hacker decompiles the existing F* app and creates a third app using the interworking method such as the server address or the format of data exchanged with the server, resulting in abnormal traffic. 

Third, when you normally log in to the server using the existing F* app, the SIP server address received from the server was disclosed, and free traffic occurred through other SIP apps.

These types of attack have been identified and the following actions have been taken.

- Change the API server address that works with the F* app

   A new API server is configured for the new version of the F* app to communicate with, and the address and port it uses also need to be changed. If possible, we recommend using a different address and port for the SIP server as well.

- Launch a new F* app that communicates with a new API server

   At this time, AppCAMO Code Hardening technology such as code encryption, string encryption, decompile prevention, and repackaging prevention, and AppCAMO RASP technology such as tampering detection, debugger detection, rooting detection, emulator detection, Frida detection, and Magisk/Magisk Hide detection must be applied.

- When communicating with the server in the new F* app, it is recommended to use HTTPS protocol and apply SSL pinning technology.

- Stop using the existing API server and F* app for a certain period of time.


Fig. 3 iOS App Security Solution AppCAMO-iOS Security Technologies


In summary, by releasing a new server and a shielded new app, the server and information exposed through the existing F* app without security technology were invalidated. Through the new app to which AppCAMO, the mobile app obfuscation solution, was applied, it was possible to block the exposure of the method of interworking with the server and the exposure of the API address, and to prevent tampering of the app.

As a result of monitoring for 3 months with the new server and the new AppCAMO-shielded app, free traffic was blocked and ARPU recovered. Through the successful application of AppCAMO, we were able to increase customer satisfaction.


"AppCAMO-Android provides 4 Layered Protection Technology that fundamentally blocks app hacking, and has world-class app security technology by providing app hacking detection and prevention technology even at runtime. We are expanding our sales not only in Korea, but also in overseas markets such as Southeast Asia and the United States." 


If you are interested in this solution or have any questions, please feel free to contact us below.

Mail : appcamo@appcamo.com

Tel : +82-2-6951-3296

Home Page : www.appcamo.com










AppCAMO provides Frida Detection for iOS App, which detects API hooking and memory hacking

  App shielding solution AppCAMO-iOS strongly protects iOS apps from threats that may occur when running iOS apps, by not only providing RAS...