Mobile Security Armor (MSA) provides stable, simple, and efficient security protection for mobile apps. The service improves the overall security of apps, protecting the apps from being reverse-cracked.
Background
Security hardening for Android apps
The Android system is open source. Therefore, Android apps are extremely vulnerable to attacks such as piracy and reverse engineering. This severely affects the data and privacy security of the apps. mPaaS MSA hardens APK and AAB packages and performs compatibility testing and functional regression testing on the hardened APK and AAB packages. MSA protects the apps from being cracked.
Security hardening for iOS apps
As cracking and analysis technologies keep evolving, the built-in security protection measures of the iOS system, including IPA encryption, can no longer meet the security requirements of iOS apps. mPaaS MSA hardens the core code by using a secure compiler, to greatly increase the difficulty of reverse analysis and effectively prevent cracking and attacks.
Benefits
Ease of use and out-of-the-box
Android apps can be hardened by uploading APK files. The iOS apps can be hardened by using the Xcode compiler.
High stability and compatibility
MSA is based on the mobile security hardening technologies provided by Alibaba Cloud. MSA has been proven by hundreds of millions of transactions in the Taobao ecosystem. This service ensures both high security and high compatibility and delivers low crash rates. MSA supports ARM, AARCH64, X86, X64, and all Android system versions ranging from Android V4.2 to Android Q. The iOS security compiler supports multiple languages and provides stable performance.
Java2C hardening, ensuring higher security
Bytecode is converted into native binary code to increase the difficulty of code cracking. The code is compiled into a .so file that can be called by JNI, which prevents attackers from reverse analyzing the Java code.
Enterprise-grade capabilities
Open APIs of MSA are provided to facilitate integration with customer systems such as Jenkins and improve automation efficiency. MSA can be used with the hotfix feature and supports mainstream hotfix capabilities, including mPaaS hotfix, Alibaba hotfix, and Tencent Tinker hotfix.
Features
MSA provides the following hardening capabilities for Android apps. For more information about hardening capabilities, see Terminology.
Security hardening capabilities for Android apps include hardening on APK and AAB packages and hardening on classes.
Security hardening capabilities for iOS apps include constant encryption, instruction replacement, control flow flattening, branch-based fraud prevention, junk code and ineffective code insertion, call graph obfuscation, symbolic encryption, and pointer encryption.