All Products
Search
Document Center

About Mobile Security Armor

Last Updated: Sep 23, 2021

Mobile Security Armor(MSA) service provides stable, simple and effective security protection for mobile application (App), improves the overall security level of applications, and protects applications from being cracked and attacked. MSA is powered by the mobile security reinforcement techniques of Alibaba Cloud Group. It has been tested and tried by Taobao series Apps (the amount of users and data are over 100 millions). It guarantees high reliability in terms of security. When you use the MSA service to reinforce mobile Apps of mPaaS, you can use the hotfix feature as usual. In other words, you can use the hotfix feature to fix bugs in an online version without concerning about the security of Apps.

MSA can reinforce Android Apps, but does not support iOS Apps.

Background

The Android system is open source. Therefore, Android Apps are extremely vulnerable to attacks such as piracy and reverse engineering. This severely affects the data and privacy security of the Apps. To resolve the preceding issues, MSA is developed to reinforce the APK or AAB packages and perform compatibility testing and functional regression testing on the reinforced APK or AAB packages, which can protect the Apps from being cracked.

Benefits

  • Comprehensive reinforcement capabilities
    MSA can integrate reinforcement techniques against various application security vulnerabilities in APK and AAB packages, without changing the source code of Android Apps. The overall security of the Apps is reinforced, which ensures the Apps cannot be pirated and infringed.
  • Excellent reinforcement performance
    The impact of reinforcement on the size of APK and AAB package and application performance is strictly controlled. Therefore, the size and performance of the Apps are not significantly changed after reinforcement.

How it works

MSA enhances the anti-cracking capabilities of applications by using various techniques, such as recompiling Android Apps, adding shells for protection, and modifying the sequence of command calls. Reinforcement intensity and compatibility are balanced, which can avoid the unavailable of Apps due to the blind pursuit of reinforcement strength in general reinforcement product.

Features

MSA provides the following reinforcement capabilities:

  • APK or AAB reinforcement:
    To protect the overall security of APK or AAB packages, MSA provides overall SSH and anti-tamper protection for DEX files and various techniques for APK or AAB packages. These techniques include anti-decompilation, preventing white box attacks, shell encryption algorithms, anti-debugging, anti-memory tampering, anti-hooking, anti-emulation, anti-repackaging, and anti-memory dump.
  • Class reinforcement:
    MSA obfuscates Java code to hide the actual operational process. This prevents the code from being decompiled by using JADX-GUI and JEB tools. In addition, this makes reinforced code difficult to be read manually.