Android, iOS, Windows Mobile App Development Company - Sphinx Solution
Android App Security Solution
description
Transcript of Android App Security Solution
Dedicate to Mobile APP Security By Jayson Li 2014-11-25
www.secneo.com
Sales Contact: [email protected] or [email protected]
About BANGCLE
By Oct. 2014:
240,000 Android Apps30,000 Mobile Developers300,000,000 Smartphones
2010-5 series A round from IDG
2014-5 series C round from SIG
Certified Mobile Firewall Product
Vendor in China IEEE ICSG member
Member of ANVA Certified Android App Security Vendor
in China
2012–2014 Bu
siness
Growth 100%
The Most Dedicated Mobile APP Security Company
2013-4 series B round from IDG 、 Redpoint
Mobile Security Structure
【 Running Env. Security】
VMware
【Device Security】Symantec,
MacAfee, Kaspersky
【 App Security】 BANGCLE
Mobile APP Risks
App
Change paid to free App Malicious
payment creation
Virus injection
Remove/bypass security setting
App Repack
Illegal App localization
Remove Ads
Plugin illegal Ads
Android APP Security Solutions
Evaluation AppShield App Release
App Monitor
App Management
Statistic/BI
Before releasing security evaluation and shielding
APP Distribution Management
APP Distribution Management
Programming Security
Programming Security
Source Code
Protection
Source Code
Protection
Fishing App MonitoringFishing App Monitoring
App Management•Data collection •Environment monitor •Security Early Warning •Message Pushing
App Management•Data collection •Environment monitor •Security Early Warning •Message Pushing
Penetration Report
Penetration Report
Code Auditing Report
Code Auditing Report
App Distribution
Report
App Distribution
Report
Competitor Report
Competitor Report
Piracy Monitoring
Piracy Monitoring
App Monitor/Early warning
Assist to upload to download
sites
Assist to upload to download
sites
Pirated/fishing App Removing Pirated/fishing App Removing
Data Security
Data Security
Environment Security
Environment Security
Business Security Business Security
Storage Protection
Storage Protection
Data Protection
Data Protection
Protocol Protection Protocol
Protection Environment Monitoring
Environment Monitoring
Android APP Security Evaluation
Source Code Audit (White-box)
App Penetration Service
(Black-Box)
APP
Encryption Technology Behind AppShield
Symmetric Encryption
White-box cryptography + AES technology
USA federal government standard
IBM, Arxan, InterTrust etc
BANGCLE Android AppShield Overview
Hack TechnologyCurrent Solution on
Android PlatformBangcle Defend Best Practices on Android
Reverse Engineering Code obfuscation Code Encryption Anti Reverse Engineering App Integrity Check Anti tampering
Debugging N/A Anti-Debugging Low level trap detection Memory monitoring and detection Self Protection Reactivate when App is compromised
Illegal Data Copy Encrypt key can be easy found by disassemble Apk
Transparent Strong Encryption Combined with code encryption Encrypt key secured by white-box technology Bind IMEI with Encrypt key Prevent data file being copied out
BANGCLE Shielded App Security Flow
Android AppShield Flow
Mobile App Game Developers
Mobile Banking App Developers
Black-Box
Cloud USA5 – 10 Minutes
No code change neededUpload AppCloud Shielding (5-10 minutes)Download AppSign Apps -> Test -> Release
AppShield Road Map
Competitors
V0.5 Code Obfuscation
VS.JAVA Class Loader
VS.JAVA VM
VS.CPU VIM
SO ProtectionLocal Data ProtectionUnity Script Protection
VS.
BANGCLE
Android APP Distribution Monitor
Crawlers
Data Analysis
Data Storage
App Similarity Analysis Engine
Report Generator
APK
310 Download site
Information
App Distribution Monitor Report
Web
BANGCLE Security SDK
Secured Soft KeyboardSDK
Anti-Screen HijackSDK Virus
Clean
up
SDK
Anti-Game CheatsSDK
App Region Activation ControlSDK
Accoun
t Toke
n
Protec
tion
SDK
Financial Reference Customers
Other Sector Reference Customers
Q & A
Question 1 : What are AppShield impact to App performance and compatibility?
Answer: Result from over 30,000 App and 150 different smartphones in China, USA, EU, Japan, Korea, HK, TW
Apk size increased 800k - 2000k depend on App and security levels CPU usage increase 2% ~ 8% Memory usage increase 4% ~ 10% APP start up time increase 0.1s ~ 0.9s No compatibility issue for majority brand cellphones Support ARM, x86
Q & A
Question 2 : How long it will take us to shield an App?
Answer: Within 15 minutes. However, normal processing time is less than 10 minutes include virus scan service Question 3 : Can you secure Apk SO, log, audio and other resource files ?
Answer: Yes. We can manually encrypt them
Question 4: How can we try it?
Answer:Yes. You can try a non commercial version Appshield in www.secneo.com or send your request to [email protected] for a banking grade security product and service.
Appendix: When do You Need an Android Security Expert
You spend millions on App security but still got hacked
Your App has many users but few paying
You spend more money on security issue than paying third party professionals
Your developers spend more time on security than writing codes
Your QA spending over 15% testing time on App security
You have to give up a million-dollars game design because of game security control problem
When you choose game engines, security is the top concern
Your developers think they can defeat Hackers