Active Call Detection

Social engineering scams pose a serious problem for today's banking and fintech apps. Malicious actors try to trick users into sending money away or into performing other harmful activities, such as approving access to their accounts. This is often done through direct phone calls: the actor first gains the user's trust and then instructs them directly to perform the harmful action. For this reason, active call detection is an integral part of a financial app. The app can use it to prevent the user from performing a sensitive operation while the phone is off-hook.

Malwarelytics for Android is able to detect active calls. It can detect a ringing phone, ongoing phone calls, and idle devices. In some cases it is able to detect even more: ongoing audio/video VoIP calls, call redirects, and call screenings. Detection of these details depends on the version of Android OS and on the apps handling the non-telephony calls.

Configuration

This feature can be configured during the Malwarelytics initialization phase:

val raspConfig = RaspConfig.Builder()
    .checkActiveCall(true) // Boolean; defaults to true
    // configuration of other RASP features
    .build()

Method | Description
checkActiveCall(Boolean) | Indicates whether active calls should be detected automatically. Defaults to true.

Usage

After initialization, the active call detection feature can be accessed via RaspManager. This can be used to register an observer or to trigger a manual active call detection check.

Registering an Observer

Active call detection can trigger a certain action. To achieve that, an observer needs to be configured and registered.

Observer configuration:

val raspObserver = object : RaspObserver {
    override fun onActiveCallDetected(activeCallDetection: ActiveCallDetection) {
        // handle active call detection
    }
    // handle detection of other RASP features
}

The observer can be registered in RaspManager. When it is no longer needed, it can be unregistered again.

raspManager.registerRaspObserver(raspObserver)
raspManager.unregisterRaspObserver(raspObserver)

Triggering a Manual Check

An active call detection check can be triggered manually via RaspManager. Two methods are available - isCallActive() gives a simple boolean answer, whereas getActiveCallDetection() provides more details.

val isCallActive = raspManager.isCallActive()
val activeCallDetection = raspManager.getActiveCallDetection()

More information on general RASP feature configuration and usage can be found in this overview.
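One way to combine the manual check and the observer to keep a sensitive operation from completing while the user is on a call. This is an added example, not Malwarelytics code: CallCheck, GateResult and SensitiveOperationGate are hypothetical names, CallCheck stands in for raspManager.isCallActive() so the sketch runs without the SDK, and blocking a flow during which a call was seen is a policy choice of the example.

```kotlin
// Hypothetical stand-in for the SDK call; in an app, pass
// CallCheck { raspManager.isCallActive() }.
fun interface CallCheck {
    fun isCallActive(): Boolean
}

sealed class GateResult<out T> {
    data class Completed<T>(val value: T) : GateResult<T>()
    data class Blocked(val reason: String) : GateResult<Nothing>()
}

class SensitiveOperationGate(private val callCheck: CallCheck) {
    @Volatile private var callSeenDuringFlow = false

    // Fail closed: if the call state cannot be read, treat it as an active call.
    private fun callActiveOrUnknown(): Boolean =
        try { callCheck.isCallActive() } catch (e: Exception) { true }

    // Call when the user opens the sensitive flow (for example a payment form).
    fun beginFlow() { callSeenDuringFlow = false }

    // Call from RaspObserver.onActiveCallDetected(). The page does not document
    // the fields of ActiveCallDetection, so the state is re-queried instead.
    fun onCallStateChanged() {
        if (callActiveOrUnknown()) callSeenDuringFlow = true
    }

    // Check at confirmation time, not only when the screen was opened.
    fun <T> confirm(operation: () -> T): GateResult<T> {
        if (callActiveOrUnknown())
            return GateResult.Blocked("call in progress or call state unavailable")
        if (callSeenDuringFlow)
            return GateResult.Blocked("a call occurred during this flow")
        return GateResult.Completed(operation())
    }
}

fun main() {
    var onCall = false // constructed call state for the demo
    val gate = SensitiveOperationGate(CallCheck { onCall })

    gate.beginFlow()
    println(gate.confirm { "payment sent" }) // no call at any point

    gate.beginFlow()
    onCall = true; gate.onCallStateChanged() // a call starts mid-flow
    println(gate.confirm { "payment sent" })
    onCall = false                           // call ends, same flow continues
    println(gate.confirm { "payment sent" })
}
```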

Last updated on May 05, 2023 (15:08)