Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.
Dedicate to Mobile APP Security
By Oct. 2014:
240,000 Android Apps
30,000 Mobile Developers
300,000,000 Smartphones
2010-5 series A round from IDG
2014-5 ...
【Running Env. Security】
VMware
【Device Security】
Symantec,
MacAfee, Kaspersky
【App Security】
BANGCLE
App
Change paid
to free App Malicious
payment
creation
Virus injection
Remove/byp
ass security
setting
App Repack
Illegal ...
Evaluation AppShield App Release App Monitor App Management Statistic/BI
Before releasing security
evaluation and shieldin...
Source Code Audit
(White-box)
App Penetration
Service
(Black-Box)
 Symmetric Encryption
 White-box cryptography + AES technology
 USA federal government standard
 IBM, Arxan, InterTrus...
Hack Technology
Current Solution on
Android Platform
Bangcle Defend Best Practices on Android
Reverse Engineering  Code o...
Mobile App Game Developers
Mobile Banking App Developers
Black-Box
Cloud USA
5 – 10 Minutes
No code change needed
Upload...
Competitors
V0.5
Code Obfuscation
VS.
JAVA Class
Loader
VS.
JAVA VIM
VS.
CPU VIM
SO Protection
Local Data Protection
Unity...
Crawlers
Data Analysis
Data
Storage
App Similarity
Analysis Engine
Report Generator
APK
310 Download
site
Information
App ...
Secured Soft Keyboard
SDK
Anti-Game Cheats
SDK
Question 1 : How long it will take us to shield an App?
Answer:
Within 15 minutes. However, normal processing time is less...
①. Perfectly Mudded Apps
In 2012, it’s hard to find such perfect hacked App with all
original App’s features. Today, you c...
⑨. Mobile Source Code Market
What you don’t know is that under the table people
trading reversed game source code.
⑩. Mobi...
Name Log Version Types Notes
Freedom 1.0.6 Hack Google Play iAP Tool
DaX Atk 2.0.5 App Memory Modification Tool
GameBooste...
Name Logo Version Type Notes
八门神器 2.61 App Memory Modification Tool
烧饼修改器 3.1 App Memory Modification and Speed Control To...
Name Logo Version Type Notes
游戏助手 2.1.1 App Memory Modification Tool
泡椒修改器 5.5.1 App Memory Modification Tool
手机游侠 1.8.9 A...
 You spend millions on App security but still got hacked
 Your App has many users but few paying
 You spend more money ...
www.secneo.com
THANK YOU
Contact: Nicole.ban@secneo.com
2015:The latest Android App Security Solution to protect your Android App
2015:The latest Android App Security Solution to protect your Android App
Upcoming SlideShare
Loading in …5
×

2015:The latest Android App Security Solution to protect your Android App

This solution (symmetric encryption, no backdoor) has been running in Google Play market for past 2 years on thousands different apps and over 100 million cellphones worldwide.

  • Be the first to comment

2015:The latest Android App Security Solution to protect your Android App

  1. 1. Dedicate to Mobile APP Security
  2. 2. By Oct. 2014: 240,000 Android Apps 30,000 Mobile Developers 300,000,000 Smartphones 2010-5 series A round from IDG 2014-5 series C round from SIG  Certified Mobile Firewall Product Vendor in China  IEEE ICSG member  Member of ANVA  Certified Android App Security Vendor in China 2013-4 series B round from IDG、Redpoint
  3. 3. 【Running Env. Security】 VMware 【Device Security】 Symantec, MacAfee, Kaspersky 【App Security】 BANGCLE
  4. 4. App Change paid to free App Malicious payment creation Virus injection Remove/byp ass security setting App Repack Illegal App localization Remove Ads Plugin illegal Ads
  5. 5. Evaluation AppShield App Release App Monitor App Management Statistic/BI Before releasing security evaluation and shielding APP Distribution Management Programming Security Source Code Protection Fishing App Monitoring App Management •Data collection •Environment monitor •Security Early Warning •Message Pushing Penetration Report Code Auditing Report App Distribution Report Competitor Report Piracy Monitoring App Monitor/Early warning Assist to upload to download sites Pirated/fishing App Removing Data Security Environment Security Business Security Storage Protection Data Protection Protocol Protection Environment Monitoring
  6. 6. Source Code Audit (White-box) App Penetration Service (Black-Box)
  7. 7.  Symmetric Encryption  White-box cryptography + AES technology  USA federal government standard  IBM, Arxan, InterTrust etc
  8. 8. Hack Technology Current Solution on Android Platform Bangcle Defend Best Practices on Android Reverse Engineering  Code obfuscation  Code Encryption Anti Reverse Engineering  App Integrity Check Anti tampering Debugging N/A  Anti-Debugging Low level trap detection Memory monitoring and detection  Self Protection Reactivate when App is compromised Illegal Data Copy  Encrypt key can be easy found by disassemble Apk  Transparent Strong Encryption Combined with code encryption Encrypt key secured by white-box technology  Bind IMEI with Encrypt key Prevent data file being copied out
  9. 9. Mobile App Game Developers Mobile Banking App Developers Black-Box Cloud USA 5 – 10 Minutes No code change needed Upload App Cloud Shielding (5-10 minutes) Download App Sign Apps -> Test -> Release
  10. 10. Competitors V0.5 Code Obfuscation VS. JAVA Class Loader VS. JAVA VIM VS. CPU VIM SO Protection Local Data Protection Unity Script Protection VS. BANGCLE
  11. 11. Crawlers Data Analysis Data Storage App Similarity Analysis Engine Report Generator APK 310 Download site Information App Distribution Monitor Report Web
  12. 12. Secured Soft Keyboard SDK Anti-Game Cheats SDK
  13. 13. Question 1 : How long it will take us to shield an App? Answer: Within 15 minutes. However, normal processing time is less than 10 minutes include virus scan service Question 2 : Can you secure Apk SO, log, audio and other resource files ? Answer: Yes. We can manually encrypt them Question 3: How can we try it? Answer: Yes. You can try a non commercial version Appshield in www.secneo.com or send your request to Nicole.ban@secneo.com for a banking grade security product and service.
  14. 14. ①. Perfectly Mudded Apps In 2012, it’s hard to find such perfect hacked App with all original App’s features. Today, you can find them everywhere ②. Free Gold Coin Mudded Games It’s the games killer. “Flappy Bird”’s challenge attracted millions players but a game without challenge wouldn’t last long ③. Standard Mobile Game Cheats Tools There are 25 different Cheats tools in the market include: Freedom, GameGardian, HaXplorer, etc. Many of them combine memory modification and speeding control feature. ④. Game Specific Mobile Game Cheats Tools This is the game killing machine. It can be found anywhere includes Youtube or sold in eBay, Taobao and others market. ⑤. Mobile Game Grade Upgrading-Service and trading It’s very popular and big business in Japan, China, Korea and Taiwan. Cheaters use cheats tools to upgrading player’s grade without paying a dime. Players pay by the each game level ⑥. Cracked Mobile Game Servers If you’ve seen over 2000 “Cracked Minecraft Servers”, you wouldn’t be surprised seeing fast growing cracked mobile game servers in 2014. Typical example is “Heroes Fantasy”’: www.hxyxsf.com/down.html
  15. 15. ⑨. Mobile Source Code Market What you don’t know is that under the table people trading reversed game source code. ⑩. Mobile Game Re-packers Mobile game re-packers are making more money than some original game developers. The cost for re-packers almost nothing: hack, repack then uploading to 200+ download sites. ⑧. Mobile Game Parts Market Never heard of it? You may find those cost your million’s dollars created UI, pictures, sounds documents sold in market of 5 dollars. Mobile game junk yard business is growing faster market ⑦. PC Virtual Machine Cheats This is the popular way of using PC software for skilled players to cheat
  16. 16. Name Log Version Types Notes Freedom 1.0.6 Hack Google Play iAP Tool DaX Atk 2.0.5 App Memory Modification Tool GameBooster 2.0.4 Game Speed Control Tool Modify System Speed GameCIH 3.0.0 App Memory Modification and Speed Control Tool Modify Frequency Speed Game Guardian 6.0.5 App Memory Modification HaXplorer 3.3.1 App Memory Modification GameCIH2 2.2.3 App Memory Modification
  17. 17. Name Logo Version Type Notes 八门神器 2.61 App Memory Modification Tool 烧饼修改器 3.1 App Memory Modification and Speed Control Tool Modify Frequency Speed 变形金刚修改器 2.6.3 App Memory Modification Tool 烧饼免root修改器 4.0 App Memory Modification and Speed Control Tool Modify Frequency Speed 安卓游戏加速器 1.2.8 Speed Control Tool Modify Frequency Speed 安卓游戏助手 1.3 Speed Control Tool Modify Frequency Speed 葫芦侠 2.6.5 App Memory Modification and Speed Control Tool Modify Frequency Speed
  18. 18. Name Logo Version Type Notes 游戏助手 2.1.1 App Memory Modification Tool 泡椒修改器 5.5.1 App Memory Modification Tool 手机游侠 1.8.9 App Memory Modification and Speed Control Tool Modify Frequency Speed 天天游戏加速器 2.2.0 Speed Control Tool Modify System Speed 游戏加速器 2.2.0 Speed Control Tool Modify System Speed 游戏加速精灵 1.0.5 Speed Control Tool Modify Frequency Speed 游戏加速器 1.3 Speed Control Tool Modify System Speed
  19. 19.  You spend millions on App security but still got hacked  Your App has many users but few paying  You spend more money on security issue than paying third party professionals  Your developers spend more time on security than writing codes  Your QA spending over 15% testing time on App security  You have to give up a million-dollars game design because of game security control problem  When you choose game engines, security is the top concern  Your developers think they can defeat Hackers
  20. 20. www.secneo.com THANK YOU Contact: Nicole.ban@secneo.com

×