android app security solution

Dedicate to Mobile APP Security By Jayson Li 2014-11-25 www.secneo.com

Sales Contact: Jayson.Li@secneo.com or Nicole.Ban@secneo.com

About BANGCLE

By Oct. 2014:

240,000 Android Apps30,000 Mobile Developers300,000,000 Smartphones

2010-5 series A round from IDG

2014-5 series C round from SIG

Certified Mobile Firewall Product Vendor in China

IEEE ICSG member

Member of ANVA

Certified Android App Security Vendor in China

2013-4 series B round from IDG、Redpoint

【Running Env. Security】

VMware

【Device Security】

Symantec,

MacAfee, Kaspersky

【App Security】

BANGCLE

App

Change paid

to free App Malicious

payment

creation

Virus injection

Remove/bypass security setting

App Repack

Illegal App

localization

Remove Ads

Plugin illegal

Ads

Evaluation AppShield App Release App Monitor App Management Statistic/BI

Before releasing security evaluation and shielding

APP Distribution Management

Programming Security

Source Code

Protection

Fishing App Monitoring

App Management•Data collection•Environment monitor

•Security EarlyWarning

•MessagePushing

Penetration Report

Code Auditing Report

App Distribution

Report

Competitor Report

Piracy Monitoring

App Monitor/Early warning

Assist toupload to download

sites

Pirated/fishing App Removing

Data Security

Environment Security

Business Security

Storage Protection

Data Protection

Protocol Protection

Environment Monitoring

Source Code Audit (White-box)

App Penetration Service

(Black-Box)

Symmetric Encryption

White-box cryptography + AES technology

USA federal government standard

IBM, Arxan, InterTrust etc

Hack TechnologyCurrent Solution onAndroid Platform

Bangcle Defend Best Practices on Android

Reverse Engineering Code obfuscation Code EncryptionAnti Reverse Engineering

App Integrity CheckAnti tampering

Debugging N/A Anti-DebuggingLow level trap detectionMemory monitoring and detection

Self ProtectionReactivate when App is compromised

Illegal Data Copy Encrypt key can be easy found by disassemble Apk

Transparent Strong EncryptionCombined with code encryptionEncrypt key secured by white-box technology

Bind IMEI with Encrypt keyPrevent data file being copied out

Mobile App Game Developers

Mobile Banking App Developers

Black-Box

Cloud USA

5 – 10 Minutes

No code change needed

Upload App

Cloud Shielding (5-10 minutes)

Download App

Sign Apps -> Test -> Release

Competitors

V0.5 Code Obfuscation

VS.JAVA Class

Loader

VS.JAVA VM

VS.CPU VIM

SO Protection

Local Data Protection

Unity Script Protection

VS.

BANGCLE

Crawlers

Data Analysis

Data Storage

App Similarity Analysis Engine

Report Generator

APK

310 Download

site

Information

App Distribution Monitor Report

Web

Secured Soft KeyboardSDK

Anti-Game CheatsSDK

Question 1 : What are AppShield impact to App performance and compatibility?

Answer:

Result from over 30,000 App and 150 different smartphones in China, USA, EU, Japan,

Korea, HK, TW

Apk size increased 800k - 2000k depend on App and security levels

CPU usage increase 2% ～ 8%

Memory usage increase 4% ～ 10%

APP start up time increase 0.1s ～ 0.9s

No compatibility issue for majority brand cellphones

Support ARM, x86

Question 2 : How long it will take us to shield an App?

Answer:

Within 15 minutes. However, normal processing time is less than 10 minutes include virus scan service

Question 3 : Can you secure Apk SO, log, audio and other resource files ?

Answer: Yes. We can manually encrypt them

Question 4: How can we try it?

Answer:

Yes. You can try a non commercial version Appshield in www.secneo.com or send your

request to Jayson.li@secneo.com for a banking grade security product and service.

You spend millions on App security but still got hacked

Your App has many users but few paying

You spend more money on security issue than paying third party professionals

Your developers spend more time on security than writing codes

Your QA spending over 15% testing time on App security

You have to give up a million-dollars game design because of game security control

problem

When you choose game engines, security is the top concern

Your developers think they can defeat Hackers

www.secneo.com

THANK YOU

Sales Contact: Jayson.Li@secneo.com or Nicole.Ban@secneo.com