Activity Protection

Some RASP features protect the app’s activities against various attacks. Here is a list of such features:

After SDK initialization, the features try to protect all the app’s activities. However, in certain scenarios, it’s possible that the SDK is not aware of all the activities and is unable to protect them. These are the cases when the initialization is delayed after the app has started and after a UI has been created.

The SDK contains two mechanisms to address such scenarios:

  • Providing activity context in AppProtectionConfig.Builder(Context).
  • Triggering explicit activity protection by calling raspManager.protectActivity(Activity).

Configuration Context

Malwarelytics for Android SDK requires a context to be provided in the configuration builder AppProtectionConfig.Builder(Context). The SDK retrieves application context from the configuration during initialization. In case an activity context is provided the SDK tries to apply relevant RASP protection features to the referenced activity. This scenario is aimed primarily at single-activity apps that are frequently created by various webview-based cross-platform frameworks. To protect an activity, obtain the configuration builder this way:

val config = AppProtectionConfig.Builder(activity)
            // configuration items
            .build()
// proceed to SDK initialization

Triggering Explicit Activity Protection

In certain cases, an app might have created more than one activity before the SDK is initialized. To protect a set of activities a different approach has to be used. The SDK provides an API method in RaspManager that can be used to protect any number of activities.

To protect an activity call:

raspManager.protectActivity(activity)

This method is expected to be called on the main thread.

Last updated on Nov 21, 2023 (13:06) View product
Search

develop

Malwarelytics for Android