App Safer User Guide

Q. What is App Safer?

  • App Safer is a mobile security solution that detects and mitigates application tampering attempts and mobile security breach attempts, and analyzes and provides results to maintain a secure execution environment for mobile applications from a variety of security threats.

Q. What are the benefits of using App Safer?

  • You can easily and safely apply the security technology of App Safer in Naver and LINE.
  • You can protect your applications from a variety of security threats, including binary topology, modulation, memory tampering, hooking, and device environment manipulation.
  • You can check the information about the detected security threats in real time, so you can respond quickly and prevent further security incidents.

Q. What does App Safer provide?

  • App Safer provides a variety of security features to protect your applications.

    • Android app protection

      • Obfuscation By applying obfuscation and string obfuscation for the class/method name of JAVA code, it is possible to make it difficult to analyze the code that causes the security threat.

      • Encryption
        Decompilation for code analysis can be prevented by encrypting Dex, So, and Unity related binaries.

      • Real-time environment detection It performs the following application execution environment detection.

      • Rooting detection Detects rooting behavior in which a user is forced to gain superuser privileges in the operating system.

        • Virtual machine detection (ex, emulator) Detects whether the application is running on a virtual machine.

        • Debugging detection Detect debugging behavior that accesses the application process and analyzes it dynamically.

        • Unauthorized app fingerprint detection By detecting the execution of unregistered applications, it can cope with the distribution of abnormal applications.

        • Memory tampering detection Detect memory tampering by adversaries.

        • Application tamper detection Detect whether the application has been tampered with by a adversary.

        • Speed hack detection Detects system time manipulation by adversaries.

    • iOS app protection
      • Jailbreak detection Detects jailbreak behavior in which a user is forced to gain superuser privileges in the operating system.

      • Virtual machine detection (ex. simulator) Detects whether the application is running on a virtual machine.

      • Debugging detection Detect debugging behavior that accesses the application process and analyzes it dynamically.

      • Memory tampering detection Detect memory tampering by adversaries.

      • Unauthorized app fingerprint detection By detecting the execution of unregistered applications, it can cope with the distribution of abnormal applications.

      • Bypass tool detection Detect and always respond to bypass tools to bypass detection functions.

Q. How does App Safer work?

  • If a customer does not need to port the API directly, uploading the APK file will automatically apply App Safer's security service.
  • With the web-based service Console, application registration, configuration management, and detection results can be viewed at once, making service quick and easy.
  • (※ However, iOS application is provided by way of porting directly to App Safer SDK.)

[How to apply Android]
  • You can register apps you want to protect in the app registration menu of Ncloud Console> App Safer> Management . For Android applications, AppSafer can be applied using the'Easy Application of APK' method and the'SDK Connection' method.

[ Android app registration-Easy Application of APK ]

You can easily apply AppSafer through a total of 6 steps.

  1. Enter app information

    • You can enter application information to register.

      • OS
      • Application Method('Easy Application of APK')
      • Notification settings
      • Memo
    • You can upload APK by selecting "Easy Application of APK".

      Only files with APK file format can be uploaded.

      An APK that has already applied a security solution may fail to register the app.

      The maximum size of the APK to be uploaded is 500MB.

  1. Obfuscation setting

    • App Safer enhances security by obfuscation of the names and strings of Class / Method / Field.

    • App Safer automatically extracts obfuscation targets from uploaded APKs.

    • The packages exposed on the screen below are automatically exceptions to objects that should be excluded from obfuscation for the normal operation of the app.

      ※ **The targets below are basically exceptions. Please check if it is exposed to the list of exception target packages.

      • Interface related packages called by Android Framework
      • 3rd party library
    • If additional exception handling is required, enter the target package name on the screen above and click the 'Add exception target' button.

      Package names that do not exist are not added.

      The obfuscation is also applied to the subclass / method / field of the package name entered.

  1. Binary protection settings

    App Safer automatically extracts binary protection targets from uploaded APKs.

    App Safer can protect against 2 binaries.

    A. Native Library protection

    • You can protect against Native Library binaries used in Android.

    • Native Library binary protection supports the following architectures.

      • armeabi
      • armeabi-v7a
      • arm64-v8a
      • x86
      • x86_64
    • Select the checkbox for the Native Library you want to protect.

      By default, native library protection target is not selected.

B. Unity binary protection

  • You can protect your Unity binaries in the Android App for Unity.

  • Native Library binary protection supports the following architectures.

    • Mono
    • IL2CPP
  • Uncheck the box for Unity binaries you don't want to protect.

    By default, all Unity binary protection targets are selected.

    If the uploaded APK does not have a file that is subject to Unity binary protection, the Unity binary will not be exposed.

  1. Log collection settings

    • Effective Log Search & Analytics (ELSA) product must be linked to App Safer's log storage and statistics inquiry.

    • When you agree to use the product, an ELSA project is automatically created where you can check the App Safer Log.

    • Detailed Logs can be viewed in [Console] > [App Safer] > [Event Log] and [Effective Log Search & Analytics (ELSA)] products.

      A separate fee is charged for the saved logs according to ELSA product policy.

  1. Blocking Policy Settings

    • App Safer provides flexible policy management that can be applied according to application business characteristics.

    • Block conditions can be set based on the type of detection provided by App Safer products.

    • Blocking policies applied to other applications can be recycled with the [Load] function.

    • You can set a message to be displayed if the execution is blocked by the policy.

      • You can set it by country. If the user's device has not registered the country code used in advance, then it displays a message on the DEFAULT.

  1. Final confirmation

    • You can finally check the App Safer settings.
    • Click the Register button to apply and register App Safer's security solution.
    • Registration can take several minutes.

[Downloading protected applications]

  • Within minutes of applying App Safer, you can download APK files with App Safer's security solutions.

  • Click the [APK] button in Ncloud Console > App Safer> Management and click the [Download APK] button to download the APK file with App Safer applied.

[Running the protected application]

  • Protected Android applications can be signed with a developer signature and run on mobile devices.

    ※ If a problem occurs during execution, please contact us through Help Center and we will solve the problem as quickly as possible.

[ Android app registration-SDK Connection ]

In [Console]> [App Safer]> [Management], click the [Add app] button to register an application that needs protection. You can easily apply App Safer through a total of 4 steps.

  1. Enter app information

    • You can enter application information to register.

      • OS
      • Application Method('SDK Connection')
      • Package name
      • App Version
      • Memo
  1. Log collection settings

    • Effective Log Search & Analytics (ELSA) product must be linked to App Safer's log storage and statistics inquiry.

    • When you agree to use the product, an ELSA project is automatically created where you can check the App Safer Log.

    • Detailed Logs can be viewed in [Console] > [App Safer] > [Event Log] and [Effective Log Search & Analytics (ELSA)] products.

    A separate fee is charged for the saved logs according to ELSA product policy.

  1. Blocking Policy Settings

    • App Safer provides flexible policy management that can be applied according to application business characteristics.

      • Block conditions can be set based on the type of detection provided by App Safer products.

      • Blocking policies applied to other applications can be recycled with the [Load] function.

      • You can set a message to be displayed if the execution is blocked by the policy.

        • You can set it by country. If the user's device has not registered the country code used in advance, then it displays a message on the DEFAULT.
  1. Final confirmation

    • You can finally check the App Safer settings.

    • Click the Register button to apply and register App Safer's security solution.

[Download App Safer Android SDK]

[Console]> [App Safer]> [Management] After accessing the screen, you can download the App Safer SDK through the [SDK] button.

[SDK] [App Safer Key] exposed when the button is clicked is an authentication key that can be used for initialization and integration of App Safer SDK.

For detailed App Safer iOS SDK integration method, refer to App Safer Android SDK Application Guide.

[How to apply iOS]

For iOS applications, AppSafer can be applied by 'SDK Connection'.

[ iOS app registration-SDK Connection ]

In [Console]> [App Safer]> [Management], click the [Add app] button to register an application that needs protection. You can easily apply App Safer through a total of 4 steps.

  1. Enter app information

    • You can enter application information to register.

      • OS

      • Application Method (SDK integration)

      • Package name (Enter the bundle ID of your iOS app.)

        ※ "App Name" and "App Package Name" cannot be changed after registration.

        ※ Please enter the same package name as the actual app being distributed.

      • App Version

      • Memo

  1. Log collection settings

    • Effective Log Search & Analytics (ELSA) product must be linked to App Safer's log storage and statistics inquiry.

    • When you agree to use the product, an ELSA project is automatically created where you can check the App Safer Log.

    • Detailed Logs can be viewed in [Console]> [App Safer]> [Event Log] and [Effective Log Search & Analytics (ELSA)] products..

      A separate fee is charged for the saved logs according to ELSA product policy.

  1. Blocking Policy Settings

    • App Safer provides flexible policy management that can be applied according to application business characteristics.
    • Block conditions can be set based on the type of detection provided by App Safer products.
    • Blocking policies applied to other applications can be recycled with the [Load] function.
    • You can set a message to be displayed if the execution is blocked by the policy.
      • You can set it by country. If the user's device has not registered the country code used in advance, then it displays a message on the DEFAULT.
  1. Final confirmation

    • You can finally check the contents of App Safer settings.
    • If you click the Register button, App Safer's security solution is applied and registered.

[Download App Safer iOS SDK]

[Console]> [App Safer]> [Management] After accessing the screen, you can download the App Safer SDK through the [SDK] button.

[SDK] [App Safer Key] exposed when the button is clicked is an authentication key that can be used for initialization and integration of App Safer SDK.

For detailed App Safer iOS SDK integration method, refer to App Safer iOS SDK Application Guide.

Q. How do I set the blocking policy of App Safer?

  • Apps to which App Safer is applied are detected/blocked only for security events to which policy settings have been added.
  • How to set the blocking policy is as follows.

  • There are two ways to set up a blocking policy:

    • Blocking policy can be set during the app registration process.
  • When you click a specific line in the app list, you can check the blocking policy applied to the app, and you can modify the blocking policy with the Settings button.
  1. You can load the blocking policy applied to other apps with the Load Blocking Policy button.
  1. Here's how to add your own blocking policy:

    ① Select detection type

    • Rooting / Jailbreak : The device running the app is Rooting (Android) / Jailbreak (iOS)
    • Speedhack : The use of Speedhack was detected while the app was running.
    • Emulator / Simulator : The app was run in Emulator(Android) / Simulator(iOS) environment.
    • Memory Tampered : Memory tampering was detected while running the app.
    • App Integrity Tampered : App tampering was detected.
    • Unauthorized Signature : The app has been executed with an unregistered app fingerprint.

    ② Enter blocking conditions

    • It counts the number of detections and blocks if more than one detection condition is met.

    ③ You can add blocking conditions for each detection type.

  2. The detection and blocking log of the applied policy can be checked in Console > App Safer> Event Log.

Q. How do I manage an app fingerprint?

  • If an app with the App Safer is executed, then the app fingerprint is automatically collected.
  • If you add the Unauthorized Signature policy when setting the blocking policy, apps with unregistered app fingerprints will not be executed.
  • If you set the app fingerprint to Collect, then it is automatically collected when the app is executed. You can check it in the app details.

    • If it is set to Collect, then the status changes to Operating (collecting app fingerprints). In this case, even if the app fingerprint detection is enabled, an unregistered app fingerprint is automatically added as an app fingerprint. So, the app fingerprint detection does not occur.
    • If it is set to Not collect, the status will change to Operating. (Even in this case, the app fingerprint detection must be enabled to exit the app by the detection policy.)

    ① Name of the app fingerprint automatically registered

    • This is collected based on the AOS/iOS-specific criteria with the name of an app fingerprint automatically registered along with the app execution.

    ② App fingerprint automatically registered

    • This is a unique value of an app fingerprint automatically registered along with the app execution.

App Safer's detection log viewing

App Safer's detection log can be viewed in real time via the [Console]> [App Safer]> [Event Log] screen.

App Safer is basically provided in conjunction with ELSA (Effective Log Search & Analytics) products, and ELSA products provide the following functions.

  • Real-time log viewing
  • Search logs
  • Provide charts and graphs

NCloud Console> App Safer> Event Log screen that is linked with CLA (Cloud Log Analytict) product provides the following functions.

① Search condition of Event Log can be set. You can inquire about the following contents.

  • Package name: You can search by the package name of the application registered in App Safer.
  • Period: You can select Event Log by selecting specific period.
  • Detection type: You can inquire about 9 types.
    • Rooting/Jailbreak: The app was run on the rooting (Android)/Jailbreak (iOS) device.
    • Emulator/Simulator: The app was run in the Emulator(Android)/Simulator(iOS) environment.
    • Debugging: Debugging was detected while running the app.
    • Memory Tampered: Memory tampering was detected while running the app.
    • Speedhack: The use of Speedhack was detected while the app was running.
    • App Integrity Tampered: App tampering has been detected.
    • Unauthorized Signature: An unauthorized app fingerprint has been detected.
  • OS: Mobile OS Type setting (Android, iOS)
  • Country Code: You can view the Event Log by country.
  • App version: You can view the version of the app registered in App Safer.
  • App Safer version: You can view the version of App Safer SDK applied at the time of app development.
  • User ID: User ID entered through App Safer's setUserId API.
  • UDID: The device identifier generated by App Safer itself.
    • It can be used to identify Multi device user by comparing with User Id Hash value.
    • You can check your app installation status against the package name.
  • ELSA Project ID: You can check the ELSA project ID where AppSafer logs are saved.

    ② "Events detected per execution" graph: Shows the number of security events detected versus the number of actual device executions by period.

    ③ "Detection over time" graph: You can check the detection trend by type of security event.

    ④ "Proportion by detection type (%)" chart: You can understand the detection rate by security event at a glance.

    ➄ Detected details: You can check the details of the Event Log.

    A: You can click the area to check UserId, app fingerprint, UDID, and blocking status.

    B: If it is an unregistered app fingerprint, then it is displayed in red.

    C: In the blocking status, you can check the detection type, blocking policy, and the number of times currently detected. Blocked policies are displayed in red.

    D: In case of blocking login, the unblock button is activated, and you can click the button to unblock the device. In the case of unblocking, additional logs with the detection status set to 0 are accumulated.

Q. Can App Safer control specific applications deployed in the marketplace?

App Safer uses 'App Security Key' internally to authenticate users and apps .

App Safer's "App Security Key" allows you to change the status of a specific application.

An application can have four states:

Running

  • Apps with App Safer can run normally.
  • If you click the Stop button, it will be stopped and the app will not run.

    Running (Collecting Fingerprints)

  • The app fingerprint collection is being executed as the App Safer has allowed it.
  • Even with the app fingerprint detection policy, the fingerprint is automatically registered, so it does not work.
  • After completing the test, you must change the fingerprint collection status of the app details to Not collect and change it into Operating.

    Stopped

  • Apps with App Safer will not run
  • If you click the Start button to change it to active, your app will run normally.

    Registering

  • App Safer security solution is being applied.

    Registration failure

  • Failed to apply App Safer security solution.
    ※ If you have problems registering the app, please contact us and we will resolve the problem as soon as possible.

Terms Explanation
App Safer Naver Cloud platform is a name for mobile security solution that detects the tampering of applications and attempts to infringe on mobile security to maintain safe execution environment of mobile application from the threats of mobile device or service. This is a mobile security solution that provides analysis.
Brick An internal security check engine (solution) for App Safer services.

It protects your applications from various security threats such as binary topology, modulation, memory tampering, hooking, and device environment manipulation of a terminal equipped with the customer's App.

SDK App Safer provides a security software development kit (SDK) that enables the monitoring of roaming / malicious apps / counterfeit apps on mobile devices, and allows the system to receive API calls from the SDK-equipped terminals to conduct security checks.

App Safer offers separate SDKs for Android and iOS.

Rooting This is true for Android, and getting permission from the Android system is called "routing." Once you have system privileges on Android, all your apps (users) can edit / delete sensitive files and control hardware performance. Using this privilege can cause a service infringement, and users can also be vulnerable to security, so App Safer can determine whether it is routed or not.
Jail breaking For iOS, this is similar to Android's routing. access to system files that are not supported by iOS, installation of programs that violate Apple policy, and change of themes. In the same way as for routing, App Safer judges whether or not to jailbreak To be detected.
App Modulation / Modulation Check Check that the moderated app is running against the original.
Developer public key This is the public key that Android developers use to sign your app. It is stored in Android Keystore, which is assigned to each developer when registering with Android Developers, and App Safer is used to issue security keys for user and app authentication.
App Safer Key App Safer Key is an authentication key that can be used for initialization and integration of App Safer SDK.
Memory Modulation Detection 'Memory Modulation' is the act of changing the memory of the running application process. Memory modulation can be used to take unjust gain, such as variable manipulation, billing bypass. App Safer allows real-time detection of these memory tampering behaviors.
Speed Nuclear Detection 'Speed nucleus' is a function to change the system time of the device. If you change the system time of the device, you can freely control the operation speed of the application. Speed ​​Nucleus can be used to change the speed of the game and gain unfair advantage. App Safer allows you to detect these speed nuclear activity in real time.
Note

This product is also available as a global region service.

See also

You can find the associated information in the guide below.

に対する検索結果は~件です。 ""

    に対する検索結果がありません。 ""

    処理中...