Digicentre Launches appGuard to Keep Apps Safe

2015/09/02

According to research published by Gartner, a surge in shipments of affordable smart phones has seen global shipments of smart phones exceed 1 billion units each year for two years running. Apart from the boost to social networking, the number of apps on Google Play and Apple Store have rocketed as well. Google Play in particular saw the number of apps double over the course of 2014. 

Statistics from app analysis company App Annie showed that the Google Play platform has around 300,000 more apps than Apple Store. Google Play is therefore 17% larger and is now the largest mobile app service platform in the world. Hackers have picked up on this trend as well by deliberately releasing malicious apps targeted at consumers, making Google Play a new channel for the distribution of malware.

Digicentre CEO Xu Wu said that the Android operating system developed by Google tries to be an open platform. This means system protection is weaker making it vulnerable to hacker attacks. Unlike Apple Store, the Google Play platform does not have a strict app listing system as well. This allows developers with ill intent to easily embed malicious content in their code and then distribute it over the Google Platform to consumers' mobile phones. 

There are also many brands of Android mobile phones on the market. Each vendor is also constantly releasing new models. When Google releases a patch, not every Android mobile phone user can get an update for their system right away. All these users without updates become the most vulnerable targets for hacker attacks. 


 Android Platform Has Many Inherent Problems and the Apps Can Also Be Cracked

Close analysis of the reason why apps on the Android platform are targeted often show that the number one reason is inherent problems in the system itself due to the Android system choosing Java as its main language for app development. Java is a semi-interpreted language. Once a program has been written the source code is not directly compiled and it is saved as machine code that is hard for humans to read. This means it's possible to decompile the program to get its source code. Once the source code has been acquired, the hacker can read through it to identify flaws or vulnerabilities in the program. 

According to Digicentre, more than 90 of the top 100 top games on the Google Play platform are vulnerable to being decompiled to get their source code. The Android system does not impose restrictions of the source of apps that can be installed. This encourages many users to download modified/cracked apps containing malware from third-party platforms without security certification. This has led to many information security problems.

Xu noted that most app developers focus on knowledge and techniques related to the functional side of the app. They have little understanding of software security so the programs they develop are all wide-open to all kinds of hacker attacks. 

Among the more serious vulnerabilities that developers tend to neglect, the first is the lack of an integrity check. This allows apps to be re-packaged, modified or infected with malware then provided for download on other platforms. This increases the risk of users using compromised apps. Second is not protecting the app against debuggers or insertion of malicious code. Hackers can therefore use debugger tools to easily observe and control the app's operations and execution flow. They can then develop malware that targets the original app to tamper with online transactions or steal important data. The last is storing important data in non-encrypted form. Hackers can then easily steal important app data such as personal details, transaction records and electronic transaction certificates.


 appGuard is easy to use and provides protection in 30 minutes

As many hacker organizations are now making apps their target, many IT security vendors have begun offering security services for app developers. These claim to review the source code to prevent potential IT security threats. This traditional approach, however, takes a great deal of time and manpower. It is therefore not cost-effective in the mobile age when the overall level of protection is measured against the costs. 

Xu feels that source code reviews may find all the vulnerabilities in the source code but this does necessarily mean the developers will know how to fix it. Even if they do implement a fix this is no guarantee that no few vulnerabilities will emerge. appGuard by comparison provides direct protection of the app. The software developer does not need to provide their source code or the help of R&D personnel. It secures the binary file (APK) itself. 

Unlike the protective mechanisms offered by other vendors, appGuard protection can be implemented very quickly. The secured APK file is provided to the customer after about half an hour and can be listed after signature testing. Digicentre can also provide a risk assessment report before providing protection to help the developers understand and patch potential problems. 

Xu noted that appGuard is a fully featured system that offers four key functions: protection against reverse engineering; protection against tampering; blocking of debuggers, cheats and malicious code; encryption of stored data. Digicentre also offers a professional customized version of appGuard that offers software developers with a greater range of services to meet user requirements in different environments.