iOS
Required software
- iOS/iPadOS 11+
- Xcode version 15.0 or later
Include MobileProtectionShield into your project
After obtaining the framework, open your project in Xcode, select the correct target, go to the "General" tab and add MobileProtectionShield.xcframework to "Frameworks and Libraries". Do not embed the dependency: it is a static library.
Configure Your Project
Your project needs to declare some URL schemes so that MobileProtectionShield can detect other applications associated with jailbreaks. In your main target's Info.plist, add the following items:
<key>LSApplicationQueriesSchemes</key>
<array>
    <string>undecimus</string>
    <string>sileo</string>
    <string>zbra</string>
    <string>filza</string>
    <string>activator</string>
</array>
Note: This step is optional but can greatly improve the detection of compromised environments.
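A build-time check for the configuration above, as an added example (not part of the MobileProtectionShield SDK or its documentation): it parses an Info.plist and reports which of the five listed schemes are not declared, so a dropped entry is caught in CI rather than silently weakening detection. The function name and the sample plist are constructed for illustration.

```python
import plistlib
import sys
from xml.parsers.expat import ExpatError

# The schemes this page lists for LSApplicationQueriesSchemes.
REQUIRED_SCHEMES = ("undecimus", "sileo", "zbra", "filza", "activator")

# Constructed sample: an Info.plist that declares only three of the five schemes.
SAMPLE_INFO_PLIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<plist version="1.0">
<dict>
  <key>CFBundleIdentifier</key><string>com.example.app</string>
  <key>LSApplicationQueriesSchemes</key>
  <array>
    <string>undecimus</string>
    <string>Sileo</string>
    <string>filza</string>
  </array>
</dict>
</plist>"""


def missing_query_schemes(plist_bytes, required=REQUIRED_SCHEMES):
    """Return the required schemes that the Info.plist does not declare.

    Raises ValueError if the plist is unreadable or the key has the wrong type.
    """
    try:
        info = plistlib.loads(plist_bytes)  # accepts XML and binary plists
    except (plistlib.InvalidFileException, ExpatError) as exc:
        raise ValueError(f"unreadable Info.plist: {exc}") from exc
    if not isinstance(info, dict):
        raise ValueError("Info.plist root is not a dictionary")
    declared = info.get("LSApplicationQueriesSchemes", [])
    if not isinstance(declared, list) or not all(isinstance(s, str) for s in declared):
        raise ValueError("LSApplicationQueriesSchemes must be an array of strings")
    # URL schemes are case-insensitive, so compare in lowercase.
    have = {s.strip().lower() for s in declared}
    return [s for s in required if s not in have]


if __name__ == "__main__":
    # Usage: python check_schemes.py path/to/Info.plist (falls back to the sample).
    data = SAMPLE_INFO_PLIST
    if len(sys.argv) > 1:
        with open(sys.argv[1], "rb") as fh:
            data = fh.read()
    missing = missing_query_schemes(data)
    print("missing schemes:", ", ".join(missing) or "none")
    sys.exit(1 if missing else 0)
```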
Initialize
While MPS can be initialized at any point during the application lifecycle, it is recommended to do so at application startup. This ensures that environment integrity validation is in place from the beginning, providing protection throughout the app's runtime.
The MPS.load() method should be called on the main thread. It can be invoked multiple times and does not require the resulting instance to be stored or retained in memory.
However, be aware that MPS.load() is a relatively expensive and blocking operation. To avoid performance issues, it should be used sparingly and only when necessary.
import MobileProtectionShield // 1) Import
print(MPS.Version)
let mps = MPS.load() // Load the library
Environment verifications
Since MPS does not collect or retain any environment data, it’s important that you handle logging on your side. For effective monitoring and debugging, ensure you log both the thread on which MPS was initialized and the code parameter returned by the validation.
if !mps.isVaultUnlocked {
    logger.remote("MPS - Compromised", parameters: [
        "isJailbroken": mps.isJailbroken,
        "isCompromisedEnvironment": mps.isCompromisedEnvironment,
        "isSimulator": mps.isSimulator,
        "isVaultUnlocked": mps.isVaultUnlocked,
        "isIntegrityBroken": mps.isIntegrityBroken,
        "isLicenseInvalid": mps.isLicenseInvalid,
        // Troubleshooting
        "code": mps.code,
        "thread": Thread.current.name ?? "_Unknown",
        "app_state": UIApplication.shared.applicationState.rawValue
    ])
}
MPS allows your application to verify the integrity of its runtime environment by returning specific flags that indicate the outcome of various validation checks.
let isJailbroken: Bool = mps.isJailbroken
let isCompromisedEnvironment: Bool = mps.isCompromisedEnvironment
let isSimulator: Bool = mps.isSimulator
let isIntegrityBroken: Bool = mps.isIntegrityBroken
let isLicenseInvalid: Bool = mps.isLicenseInvalid
let isVaultUnlocked: Bool = mps.isVaultUnlocked // returns true if the required validations passed
let code: String = mps.code // This code can be used to know why the device is compromised.
Secrets
MPS securely stores sensitive information, which can only be retrieved if the environment passes integrity checks based on your defined security specifications. This method is thread-safe and can be invoked at any point during the application lifecycle, from any thread.
If the environment integrity check fails due to a compromise, the secretValue returned by MPS will differ from the expected value, indicating potential tampering or an untrusted runtime state.
let secretValue: String = mps.get<SecretKey>()