📄️ Secret Obfuscation
Most applications need to store secrets inside the application, and there are several ways to store a secret, each with different security requirements. With most of these methods, the intended information is fairly easy to extract from the apk, even if obfuscated. To ensure secrets cannot be "de-obfuscated", they must be encrypted within the apk and decrypted at runtime.
📄️ Root Detection
A rooted device is able to change the runtime of the application and thus change its behaviour. Rooting also increases the likelihood that third-party malicious applications are installed and interfere with unsuspecting applications, changing their behaviour or extracting sensitive information. Detecting a rooted device is therefore a way to avoid executing sensitive operations in less secure or possibly compromised environments.
📄️ Emulator Detection
An emulator can control the execution of its target application and modify its behaviour, bypass checks or extract sensitive information. There is usually no non-malicious reason to run an application within an emulator, except to bypass computing environment limitations imposed by the application itself, such as an old, unsupported device. Detecting an emulator will therefore most likely prevent an intended malicious use of the app.
📄️ Application Tampering Tools Detection
Some tools greatly simplify changing an application's behaviour at runtime without resorting to a debugger or emulator. These tools usually behave in the same manner as a debugger (setting breakpoints, monitoring system and API calls, changing in-memory and variable values, overriding symbols to change their values or operations), but they can be automated to achieve specific, repeatable goals against the application with minimal effort. Some are detected as if they were a debugger, but root can help to try to hide their presence. These tools usually leave traceable resources on the device, which can be scanned for in order to try to prevent the app from executing on the compromised device and being used in unintended ways.
📄️ Application Integrity Validation
There are several integrity checks that prevent a tampered-with application from running, since tampering might compromise its intended secure operation.
📄️ Application Installation Vendor Validation
MPS validates the application installation method and source to ensure the app was not installed directly from an apk or sideloaded (adb), and that it was installed by an official app store such as Google Play Store or Huawei AppGallery. Installing through an alternative store or directly from the apk (downloaded from an apk mirror) is not allowed and will halt app execution.