22
Dedicate to Mobile APP Security

2015:The latest Android App Security Solution to protect your Android App

Embed Size (px)

Citation preview

Page 1: 2015:The latest Android App Security Solution to protect your Android App

Dedicate to Mobile APP Security

Page 2: 2015:The latest Android App Security Solution to protect your Android App

By Oct. 2014:

240,000 Android Apps30,000 Mobile Developers300,000,000 Smartphones

2010-5 series A round from IDG

2014-5 series C round from SIG

Certified Mobile Firewall Product Vendor in China

IEEE ICSG member Member of ANVA

Certified Android App Security Vendor in China

2013-4 series B round from IDG、Redpoint

Page 3: 2015:The latest Android App Security Solution to protect your Android App

【Running Env. Security】

VMware

【Device Security】

Symantec,

MacAfee, Kaspersky

【App Security】

BANGCLE

Page 4: 2015:The latest Android App Security Solution to protect your Android App

App

Change paid

to free App Malicious

payment

creation

Virus injection

Remove/byp

ass security

setting

App Repack

Illegal App

localization

Remove Ads

Plugin illegal

Ads

Page 5: 2015:The latest Android App Security Solution to protect your Android App

Evaluation AppShield App Release App Monitor App Management Statistic/BI

Before releasing security evaluation and shielding

APP Distribution Management

Programming Security

Source Code

Protection

Fishing App Monitoring

App Management•Data collection•Environment monitor

•Security EarlyWarning

•MessagePushing

Penetration Report

Code Auditing Report

App Distribution

Report

Competitor Report

Piracy Monitoring

App Monitor/Early warning

Assist toupload to download

sites

Pirated/fishing App Removing

Data Security

Environment Security

Business Security

Storage Protection

Data Protection

Protocol Protection

Environment Monitoring

Page 6: 2015:The latest Android App Security Solution to protect your Android App

Source Code Audit (White-box)

App Penetration Service

(Black-Box)

Page 7: 2015:The latest Android App Security Solution to protect your Android App

Symmetric Encryption

White-box cryptography + AES technology

USA federal government standard

IBM, Arxan, InterTrust etc

Page 8: 2015:The latest Android App Security Solution to protect your Android App

Hack TechnologyCurrent Solution onAndroid Platform

Bangcle Defend Best Practices on Android

Reverse Engineering Code obfuscation Code EncryptionAnti Reverse Engineering

App Integrity CheckAnti tampering

Debugging N/A Anti-DebuggingLow level trap detectionMemory monitoring and detection

Self ProtectionReactivate when App is compromised

Illegal Data Copy Encrypt key can be easy found by disassemble Apk

Transparent Strong EncryptionCombined with code encryptionEncrypt key secured by white-box technology

Bind IMEI with Encrypt keyPrevent data file being copied out

Page 9: 2015:The latest Android App Security Solution to protect your Android App
Page 10: 2015:The latest Android App Security Solution to protect your Android App

Mobile App Game Developers

Mobile Banking App Developers

Black-Box

Cloud USA

5 – 10 Minutes

No code change needed

Upload App

Cloud Shielding (5-10 minutes)

Download App

Sign Apps -> Test -> Release

Page 11: 2015:The latest Android App Security Solution to protect your Android App

Competitors

V0.5 Code Obfuscation

VS.JAVA Class

Loader

VS.JAVA VIM

VS.CPU VIM

SO Protection

Local Data Protection

Unity Script Protection

VS.

BANGCLE

Page 12: 2015:The latest Android App Security Solution to protect your Android App

Crawlers

Data Analysis

Data Storage

App Similarity Analysis Engine

Report Generator

APK

310 Download

site

Information

App Distribution Monitor Report

Web

Page 13: 2015:The latest Android App Security Solution to protect your Android App

Secured Soft KeyboardSDK

Anti-Game CheatsSDK

Page 14: 2015:The latest Android App Security Solution to protect your Android App
Page 15: 2015:The latest Android App Security Solution to protect your Android App

Question 1 : How long it will take us to shield an App?

Answer:

Within 15 minutes. However, normal processing time is less than 10 minutes include virus

scan service

Question 2 : Can you secure Apk SO, log, audio and other resource files ?

Answer:

Yes. We can manually encrypt them

Question 3: How can we try it?

Answer:

Yes. You can try a non commercial version Appshield in www.secneo.com or send your

request to [email protected] for a banking grade security product and service.

Page 16: 2015:The latest Android App Security Solution to protect your Android App

①. Perfectly Mudded Apps

In 2012, it’s hard to find such perfect hacked App with all

original App’s features. Today, you can find them

everywhere

②. Free Gold Coin Mudded Games

It’s the games killer. “Flappy Bird”’s challenge attracted

millions players but a game without challenge wouldn’t last

long

③. Standard Mobile Game Cheats Tools

There are 25 different Cheats tools in the market include:

Freedom, GameGardian, HaXplorer, etc. Many of them

combine memory modification and speeding control

feature.

④. Game Specific Mobile Game Cheats Tools

This is the game killing machine. It can be found anywhereincludes Youtube or sold in eBay, Taobao and othersmarket.

⑤. Mobile Game Grade Upgrading-Service and trading

It’s very popular and big business in Japan, China,Korea and Taiwan. Cheaters use cheats tools to upgradingplayer’s grade without paying a dime. Players pay by theeach game level

⑥. Cracked Mobile Game Servers

If you’ve seen over 2000 “Cracked Minecraft Servers”, you

wouldn’t be surprised seeing fast growing cracked mobile

game servers in 2014. Typical example is “Heroes

Fantasy”’: www.hxyxsf.com/down.html

Page 17: 2015:The latest Android App Security Solution to protect your Android App

⑨. Mobile Source Code Market

What you don’t know is that under the table people

trading reversed game source code.

⑩. Mobile Game Re-packers

Mobile game re-packers are making more moneythan some original game developers. The cost forre-packers almost nothing: hack, repack thenuploading to 200+ download sites.

⑧. Mobile Game Parts Market

Never heard of it? You may find those cost yourmillion’s dollars created UI, pictures, soundsdocuments sold in market of 5 dollars. Mobilegame junk yard business is growing faster market

⑦. PC Virtual Machine Cheats

This is the popular way of using PC software forskilled players to cheat

Page 18: 2015:The latest Android App Security Solution to protect your Android App

Name Log Version Types Notes

Freedom 1.0.6 Hack Google Play iAP Tool

DaX Atk 2.0.5 App Memory Modification Tool

GameBooster 2.0.4 Game Speed Control Tool Modify System Speed

GameCIH 3.0.0 App Memory Modification and Speed Control Tool Modify Frequency Speed

Game Guardian 6.0.5 App Memory Modification

HaXplorer 3.3.1 App Memory Modification

GameCIH2 2.2.3 App Memory Modification

Page 19: 2015:The latest Android App Security Solution to protect your Android App

Name Logo Version Type Notes

八门神器 2.61 App Memory Modification Tool

烧饼修改器 3.1 App Memory Modification and Speed Control ToolModify Frequency Speed

变形金刚修改器 2.6.3 App Memory Modification Tool

烧饼免root修改器 4.0 App Memory Modification and Speed Control ToolModify Frequency Speed

安卓游戏加速器 1.2.8 Speed Control ToolModify Frequency Speed

安卓游戏助手 1.3 Speed Control ToolModify Frequency Speed

葫芦侠 2.6.5 App Memory Modification and Speed Control ToolModify Frequency Speed

Page 20: 2015:The latest Android App Security Solution to protect your Android App

Name Logo Version Type Notes

游戏助手 2.1.1 App Memory Modification Tool

泡椒修改器 5.5.1 App Memory Modification Tool

手机游侠 1.8.9 App Memory Modification and Speed Control Tool Modify Frequency Speed

天天游戏加速器 2.2.0 Speed Control Tool Modify System Speed

游戏加速器 2.2.0 Speed Control Tool Modify System Speed

游戏加速精灵 1.0.5 Speed Control Tool Modify Frequency Speed

游戏加速器 1.3 Speed Control Tool Modify System Speed

Page 21: 2015:The latest Android App Security Solution to protect your Android App

You spend millions on App security but still got hacked

Your App has many users but few paying

You spend more money on security issue than paying third party professionals

Your developers spend more time on security than writing codes

Your QA spending over 15% testing time on App security

You have to give up a million-dollars game design because of game security control

problem

When you choose game engines, security is the top concern

Your developers think they can defeat Hackers

Page 22: 2015:The latest Android App Security Solution to protect your Android App

www.secneo.com

THANK YOU

Contact: [email protected]