Mobile App Protection

Secure Mobile Apps from Attack Anytime, Anywhere

Resources

Whitepaper: Security for Mobile Devices

Download EnsureIT Family of Products - Data Sheet

Webinar: Android & Security: can they get along?

Whitepaper: Securing Android Applications

Datasheet: EnsureIT for Android

Recent Hack of Google’s Android Market License Server points out the need for layered application protection

Arxan CTO Blog on Android Application Security

Contact Us

Mobile Apps are Vulnerable
Mass adoption of  mobile computing devices such as smart phones, tablets, netbooks etc.  have created an app-centric global marketplace.  This resultant APP ECONOMY  is driving  new business models and revenue streams across all industries.  The app economy has also become a clear target for hackers, that typically launch collaborative and sophisticated attacks on the new perimeter:  the application.

In line with mobile adoption, attacks against all major mobile platforms - including Android, Apple iOS,  Blackberry, Windows Phone Series – are growing.   The diversity of platforms, devices, immature mobile standards and development practices all contribute to an insecure mobile app environment, especially as device jail breaking is now a marketplace norm that easily provides root access to unauthorized users. 

Mobile apps are also exceptional in that they reside outside the network firewall, on a fairly unique device that supports a particular platform, and may need to communicate with sensitive servers.  This makes mobile software even more vulnerable to Man At The End (MATE) attacks such as malware injection, reverse engineering from code analysis, tampering and code modification that results in unauthorized access, software piracy, subversion and discovery of security logic, such as keys. 

The result:  mobile app publishers in  digital media, financial services, healthcare, gaming, automotive, government or other industries are subject to loss of revenue and control from malware, piracy, unauthorized usage or intellectual  property theft.

As industry practitioners seek to differentiate their products and services via mobile offerings native and hybrid applications are exploding as they provide more rich and advanced features.  Hackers also see a growing and relatively easy target in mobile apps to compromise digital assets. 

Arxan Secures Mobile Apps from Attack : Mobile Application Protection Suite
Publishers of mobile applications, whether enterprises or ISVs, must guard applications INTERNALLY with layered protections, using a variety of security techniques such that they are resistant to attack.  Arxan’s mobile app security offers:

• end to end Android app protection (Java and Native),
• a tunable level of robustness (ability to layer protections) for optimal battery usage,
• a vast  array of protection techniques to deliver durable and resilient security in the wild.

Deploying Arxan software protections ensure:

• Sensitive data (perhaps under legislative protection) is not inadvertently compromised, and all compliance standards are met
• Appropriate for access to/usage of an application
• Seamless testing processes and best practices for applications as part of overall security; Example:  Pen Testing providers are now testing for “ease of decompilation” of financial apps.
• Mobile apps aren’t hacked with malware and re-published under your brand

Contact us to learn more about our Mobile Application Protection Suite and how it can address your diverse mobile app security needs such as the below sample use cases:

• Preventing Reverse Engineering/Decompilation
• Preventing spoofing of apps to access sensitive data (NFC)
• Preventing malware insertion
• Securing Keys against discovery
• Preventing in-memory tampering or dynamic in-memory decryption/repair
• Preventing vulnerability/sensitive data and application logic discovery