Activity Protection

Some RASP features protect app’s activities against various attacks. Here is a list of such features:

After SDK initialization, the features try to protect all the app’s activities. However, in certain scenarios, it’s possible that the SDK is not aware of all the activities and is unable to protect them. These are the cases when the initialization is delayed after the app has started and after a UI has been created.

The SDK contains two mechanisms to address such scenarios:

  • Providing activity context in AppProtectionConfig.Builder(Context).
  • Triggering explicit activity protection by calling raspManager.protectActivity(Activity).

Configuration Context

Malwarelytics for Android SDK requires a context to be provided in the configuration builder AppProtectionConfig.Builder(Context). The SDK retrieves application context from the configuration during initialization. In case an activity context is provided the SDK tries to apply relevant RASP protection features to the referenced activity. This scenario is aimed primarily on single-activity apps that are frequently created by various webview-based cross-platform frameworks. In order to protect an activity, obtain configuration builder this way:

val config = AppProtectionConfig.Builder(activity)
            // configuration items
            .build()
// proceed to SDK initialization

Triggering Explicit Activity Protection

In certain cases an app might have created more than one activity before the SDK is initialized. In order to protect a set of activities a different approach has to be used. The SDK provides API method in RaspManager that can be used to protect any number activities.

To protect an activity call:

raspManager.protectActivity(activity)

This method is expected to be called on the main thread.

Last updated on Nov 30, 2022 (12:42) View product
Search

0.23.x

Malwarelytics for Android