PRODUCTS

App Integrity Protection

google

Google strongly recommends developers to obfuscate code in order to raise the bar against hackers and pirates. The attacks Google has seen so far are also all on applications that have neglected to obfuscate their code.

PRINT PAGE SEND TO FRIEND

Home>Products>Mobile>EnsureIT® for Android/ARM

EnsureIT® for Android on ARM

App Integrity for Android

Android is Everywhere and Vulnerable!

Worldwide market share of Android-powered devices continues to explode. As industries, such as digital media, enterprise and government leverage this open-source OS with new mobile applications for their consumer and business customers, concerns about Android security take center stage.

Specifically, Android applications, whether Java/Dalvik bytecode or native Android application code, are vulnerable due to:

Limited security components of Android Market and other download sites
Hacker toolkits designed to attack applications by:
- reverse-engineering
- disassembly or
- debug mobile applications
Open-source nature of Android applications being susceptible to malware attacks via internet connection
Rapid, global distribution which facilitates sophisticated global collaboration of cybergangs

The Attacks

Attacks include malware, software piracy, theft of intellectual property, call/SMS fraud and data theft. Carrier and device maker business models are also at risk. Jailbreaking, for example, interferes with the carrier’s business model, and also puts every other application (and related data) in danger of reverse engineering, tampering and theft.

Software protection is needed to ensure business models, intellectual property (IP), and digital rights management (DRM) requirements.

EnsureIT for Android

Arxan’s EnsureIT for Android delivers automated embedded software protection that is easy to deploy and durable. EnsureIT features automated defend, detect and react capabilities by deploying various security techniques (called Guards) such as obfuscation, checksum, repair and anti-debug directly into the software code of each application for defense-in-depth. This layered protection of diverse Guard types provides control, trust and tamper-resistance for the application.

Specifically, EnsureIT for Android provides application hardening for Android applications that run in the Dalvik virtual machine and call into native code via the Android Native Development Kit (NDK). The NDK is used to implement native code languages such as C and C++ in a manner that can increase efficiency and speed by reusing existing code.

The result is customized, low-impact, high-durability application security that is embedded into applications to protect valuable assets.

EnsureIT - Core Features

Tunable security for mobile platforms and their application offerings
Layered network of protections, with no single point of failure
Self-heal in the event of an attack by restoring protections
Requires no changes to source code
Support for a broad range of emulators and devices
Support for the entire Google development platform and other Android platforms
Support for the ARM processor
Command line interface to integrate into build environment
No single point of failure

Resources

Embedded and Mobile Software Protection

"The pace of innovation on mobile phones and other smart wireless devices has accelerated greatly in the last few years, adding features, speed and computing power. But now the attackers are beginning to outstrip the good guys on mobile platforms, developing innovative new attacks and methods for stealing data that rival anything seen on the desktop, experts say."

- Threatpost Editors

Download EnsureIT for Apple iOS- Data Sheet