Activity Protection
Some RASP features protect the app’s activities against various attacks. Here is a list of such features:
- Blocking screenshots of app screens
- Blocking screen readers from reading app screens
- Tapjacking protection
After SDK initialization, the features try to protect all the app’s activities. However, in certain scenarios, it’s possible that the SDK is not aware of all the activities and is unable to protect them. These are the cases when the initialization is delayed after the app has started and after a UI has been created.
The SDK contains two mechanisms to address such scenarios:
- Providing activity context in
AppProtectionConfig.Builder(Context)
. - Triggering explicit activity protection by calling
raspManager.protectActivity(Activity)
.
Configuration Context
Malwarelytics for Android SDK requires a context to be provided in the configuration builder AppProtectionConfig.Builder(Context)
. The SDK retrieves application context from the configuration during initialization. In case an activity context is provided the SDK tries to apply relevant RASP protection features to the referenced activity. This scenario is aimed primarily at single-activity apps that are frequently created by various webview-based cross-platform frameworks. To protect an activity, obtain the configuration builder this way:
val config = AppProtectionConfig.Builder(activity)
// configuration items
.build()
// proceed to SDK initialization
Triggering Explicit Activity Protection
In certain cases, an app might have created more than one activity before the SDK is initialized. To protect a set of activities a different approach has to be used. The SDK provides an API method in RaspManager
that can be used to protect any number of activities.
To protect an activity call:
raspManager.protectActivity(activity)
This method is expected to be called on the main thread.