Select release
Introduction

Home

Installation

Configuration

Google Play Prominent Disclosure

Release Notes

Runtime Protection

RASP Features Overview

Debugger Detection

Emulator Detection

Root Detection

Repackaging Detection

Blocking Screen Readers

Screen Sharing Detection

Blocking Screenshots

Tapjacking Protection

HTTP Proxy Detection

Screen Lock Usage

Google Play Protect Status

Changing Process Name

Detection of ADB Status

Detection of Developer Options Status

Detection of Biometry Enrollment Status

Activity protection

Anti-Malware

Anti-Malware Use-Cases

Anti-Malware Feature Overview

Malware Threat Identification

Malware Threat Mitigation

Listening to App Changes

Installer identification

Smart Protection

Smart Protection UI Customization

Activity Protection

View product v0.22.1

Some RASP features protect app’s activities against various attacks. Here is a list of such features:

After SDK initialization, the features try to protect all the app’s activities. However, in certain scenarios, it’s possible that the SDK is not aware of all the activities and is unable to protect them. These are the cases when the initialization is delayed after the app has started and after a UI has been created.

The SDK contains two mechanisms to address such scenarios:

  • Providing activity context in AppProtectionConfig.Builder(Context).
  • Triggering explicit activity protection by calling raspManager.protectActivity(Activity).

Configuration Context

Malwarelytics for Android SDK requires a context to be provided in the configuration builder AppProtectionConfig.Builder(Context). The SDK retrieves application context from the configuration during initialization. In case an activity context is provided the SDK tries to apply relevant RASP protection features to the referenced activity. This scenario is aimed primarily on single-activity apps that are frequently created by various webview-based cross-platform frameworks. In order to protect an activity, obtain configuration builder this way:

val config = AppProtectionConfig.Builder(activity)
            // configuration items
            .build()
// proceed to SDK initialization

Triggering Explicit Activity Protection

In certain cases an app might have created more than one activity before the SDK is initialized. In order to protect a set of activities a different approach has to be used. The SDK provides API method in RaspManager that can be used to protect any number activities.

To protect an activity call:

raspManager.protectActivity(activity)

This method is expected to be called on the main thread.

Last updated on Nov 30, 2022 (13:42) View product
On this page:
Search

0.22.x

Malwarelytics for Android