Mobile Application Shielding Features

Improve your users’ mobile app experiences while controlling fraud and defending against the latest mobile app security threats

Mobile Application Shielding Features


Prevention Capabilities

Next-generation Code Obfuscation

Binary code protection performed post-compile, making it extremely difficult for attackers to exploit application code via reverse-engineering.

Repackaging Prevention

Detecting whether an attacker or hacker has duplicated the app source code and injected malicious functionality into it. If repackaging is detected, application shielding will render the corrupted app inoperable.

Secure Local Storage

Encrypt and obfuscate encryption keys and secrets such as dynamic API keys within the app. The fully self-contained, independent of platform protections and whitebox-backed secure local storage  adds an extra layer of security and protect PII, session tokens and keys even on jailbroken or rooted devices.

Secure Application ROM

Keep your fixed app secrets such as fixed static API keys and certificates safe. Data will only be decrypted when used by the application. 


Detection Capabilities

Overlay Detection and Prevention

Mobile banking Trojans will overlay apps with a malicious window, mimicking a legitimate log-in screen to steal banking credentials. By detecting that the shielded app has been pushed to the background, app shielding can terminate the app before theft can occur.

Jailbreak/Root Detection

Jailbreaking or rooting a device disables default security controls within iOS and Android. Advanced jailbreak/root detection offers visibility that can help in risk decisions rather than denying service outright.

Debugger and Emulator Detection

Detecting and blocking debuggers, emulators, and other tools leveraged by malicious actors in their attempts to exploit a mobile app further mitigates the risks of reverse-engineering or interference with a mobile app as it executes.

Hooking Detection and Interception

By detecting and countering malware with hooking capabilities or hooking frameworks, such as Frida, app shielding maintains a tamper-resistant runtime and terminates the app before hooking can occur.

A mobile with a document and a plus icon on screen

Response Capabilities

Anti-keylogging and Screen-reading

Mobile banking Trojans and other malware will attempt to log a user’s keystrokes or steal information displayed on app screens. If application shielding detects such activity, it can react in real time to interrupt it.

A Variety of Real-time Responses

App shielding reactions are configurable and can include blocking the execution of injected code, alerting administrators, feeding fraud prevention tools, or terminating the app.

Visibility for further analysis

Application shielding provides contextual data about the security status of the client side that fraud prevention tools can ingest and combine with other inputs to make better risk decisions about a transaction, login or other user action. This results in an optimal user experience without compromising the security.


Self-service Portal Capabilities


Design focused on intuitive UX, simple to understand configuration and easy-to-use zero-code/no-code shielding experience that allows the solution to be used by non-technical employees. 

Get started with OneSpan App Shielding

OneSpan can help you install complete trust in your mobile apps with advanced cybersecurity to drive growth in your digital channels.