Emulator Detection

An emulator can control the execution of its target application and modify its behaviour, bypass checks or extract sensitive information. There is usually no non-malicious reason to run an application within an emulator except for bypassing computing environment limitations imposed by the application itself, such as an old, unsupported, device. Therefore detecting an emulator will most likely correctly prevent an intended malicious use of the app.

Using an emulator such as BlueStacks (https://support.bluestacks.com/hc/en-us) allows us to circumvent some app restrictions such as minimum API version (android version), device type (running an app that cannot be run on tablets, smart watches, etc.), processor architecture (x86 vs arm, 32-bit vs 64-bit), and some other restrictions that an app can place on the computing environment. It is very easy to install and setup an otherwise unsupported platform to run an application. Detecting an emulated platform is therefore necessary to ensure the app is running as intended in the supported environments only.