Active Call Detection

Social engineering scams pose a serious problem for today’s banking and fintech apps. Malicious actors try to trick users into sending money away or into performing other harmful activities such as approving access to their accounts. This is often performed by direct phone calls. The actor first gains the user’s trust and then instructs him/her directly to perform a harmful action. For this reason, active call detection is an integral part of a financial app. The app can use the detection to prevent the user from doing sensitive operations while off-hook.

Malwarelytics for Apple is able to detect active calls.

Configuration

let raspConfig = AppProtectionRaspConfig(
    callDetection: SimpleDetectionConfig
    // configuration of other RASP features
)

Available values of SimpleDetectionConfig:

Active call detection defaults to .notify.

Usage

After service creation, the active call detection feature can be accessed via AppProtectionRasp. This can be used to add a delegate or to trigger a manual active call detection check.

Observing Detection

Active call detection can trigger a certain action. To achieve that, a delegate needs to be added.

Delegate configuration:

class RaspDelegate: AppProtectionRaspDelegate {

    // other delegate code

    func onCallChanged(isOnCall: Bool) {
        // handle active call detection
    }
}

The delegate can be added in AppProtectionRasp. When it is no longer needed, it can be removed again.

let raspDelegate = RaspDelegate()
appProtection.rasp.addDelegate(raspDelegate)
appProtection.rasp.removeDelegate(raspDelegate)

Triggering a Manual Check

Active call detection check can be triggered manually in AppProtectionRasp by getting the isOnCall property value. A simple Bool answer is given.

let isOnCall = appProtection.rasp.isOnCall

Read Next

• App Presence Detection