Security for Android applications
Arxan Technologies released EnsureIT for Android, a software protection product that secures mobile Android applications against reverse-engineering or tampering for unauthorized access, piracy and insertion of exploits.
Google recently recommended that Android developers secure their applications as they interface with the Android Market licensing server. Tim Bray, Google’s Android developer evangelist, advises developers to obfuscate code in order to raise the bar against hackers and pirates. “The attacks we’ve seen so far are also all on applications that have neglected to obfuscate their code, a practice that we strongly recommend,” Bray said.
Bray suggests that “obfuscating” the licensing server’s sample authentication code makes it difficult for hackers to find the parts of the code required for bypassing the authentication process.
EnsureIT for Android features automated defend, detect and react capabilities by deploying various security techniques (called Guards) such as obfuscation, checksum, repair and anti-debug directly into the software code of each application for defense-in-depth. This layered protection of diverse guard types provides control, trust and tamper-resistance for the application.
Key features:
- Tunable security for mobile platforms and their application offerings
- Layered network of protections, with no single point of failure
- Self-heal in the event of an attack by restoring protections
- Requires no changes to source code
- Support for a broad range of emulators and devices
- Support for the entire Google development platform and other Android platforms
- Support for the ARM processor.