App Shielding With Runtime Protection

Defeat mobile application attacks with complete protection from the inside out

3 minute read


OneSpan App Shielding’s holistic approach to security includes:

Protect at rest
  • Next-generation code obfuscation
  • Repackaging prevention
  • White-box cryptography
  • Secure local storage
  • Secure application ROM (SAROM)
Protection at runtime
  • Jailbreak & root
  • Anti-code injection
  • Anti-key logging
  • Anti-screen reader
  • Anti-system screenshots
  • Anti-screen mirroring and external monitors
  • Debugger and emulator
  • Integrity check and visibility for further analysis
  • A variety of real-time responses
  • Self-service portal capabilities

The majority of today’s digital banking users use their mobile devices to conduct banking transactions. Unfortunately, this relatively recent phenomenon correlates with a record-high increase in mobile fraud. At the same time, mobile applications have become increasingly business-critical for any enterprise. However, feature enhancements and updates have often taken priority over security, which tends to be seen as a burden that only hinders development and release speed. 

That’s why it’s so critical to ensure your apps are completely protected, at rest and at runtime—thanks to an easy-to-use solution that requires no additional time or effort from your development team. 

Protect at Rest

Robust security is essential for any mobile app that carries Personal Identifiable Information (PII), or other sensitive and confidential information related to payments, smart contracts, metadata, or your business operations. This is especially challenging for apps running on jailbroken or rooted devices. 

OneSpan App Shielding protects personal information, encryption keys, and secrets such as dynamic or static API keys, through whitebox-backed secure local storage and secure application ROM. Data is only decrypted when used by the application.

To increase resistance to reverse engineering, we also obfuscate the mobile app code with advanced techniques. App Shielding applies next-generation code obfuscation post-compile, providing a completely non-invasive approach without affecting app performance. In addition to this protective layer of security, App Shielding itself is obfuscated. This additional layer makes it impossible to remove or bypass App Shielding.

Along with these techniques, we effectively protect the app from tampering and repackaging. App Shielding detects whether an attacker has duplicated the app source code and injected malicious functionality. If repackaging is detected, App Shielding renders the corrupted app inoperable.

Protect at Runtime

Consumer devices are beyond the control of mobile app developers, which can make it challenging to secure apps at runtime. 

App Shielding seamlessly integrates into existing apps to detect, mitigate, and protect against runtime attacks such as code injection, debugging, emulation, screen mirroring, app hooking, and more. The application stays protected even on compromised devices, and in the case of novel, previously unknown attacks. Even if a device is infected with malware that leverages fraudulent keyboards with keyloggers, remote screen capturing, screenshotting, or overlay screens, runtime application self-protection (RASP) technology will detect and prevent any unauthorized behavior of the app or the environment.

OneSpan App Shielding proactively protects against zero-day and other targeted attacks, blocking foreign code from executing, dynamically changing the app screen depending on the risk, or even shutting down the application if a serious threat exists. These techniques ensure complete app integrity and fully protect sensitive business and personal data from cybercriminals.

Strengthen Application Security

App Shielding provides an extensive list of easy-to-integrate features that are invisible to the end user. They do not impact the user experience or delay the execution of operations in the app. As a result, businesses can extend and strengthen application security, protect customers, and meet aggressive application development timelines. 

The solution also helps increase operational productivity, by removing tasks and manual work from the security team, eliminating mistakes, and streamlining app certification and audits. This not only improves development efficiency but also reduces the total cost of ownership.

Mobile Security Suite

App Shielding with runtime protection is available as a standalone solution, and also as an optional feature in the OneSpan Mobile Security Suite. Mobile Security Suite is the most comprehensive mobile in-app protection solution of its kind, seamlessly integrating a range of security features into any mobile app, including identity/authentication, secure storage and communications, obfuscation, white-box cryptography, runtime protection, and more.

Mobile Security Suite

How It Works

App Shielding takes a three-pronged approach to ensuring the integrity of mobile apps: Protect, Detect, and React. 

It will protect the mobile application by preventing reverse engineering techniques via next-generation code obfuscation, white-box cryptography, and anti-repackaging technology.

It will detect malicious key logging, screen readers, repackaged applications, debuggers and emulators, and jailbroken or rooted devices. 

It can then be configured to react to prevent malicious activities, by shutting the app down or enabling customized actions based on business policy.

How It Works