Inside Secure (Euronext Paris: INSD), at the heart of security solutions for mobile and connected devices, today announced that it has released its Core security technology specifically for Android applications. Core for Android brings an unprecedented level of security capability in the Android environment by, for the first time, building a deep integrity network inside the applications. As a result, developers can create innovative applications confident that consumers can now more securely and safely make transactions managing sensitive personal data and information on their Android devices.
While Inside Secure’s patented Core technology has protected Native Android applications for many years, Core for Android brings enhancements designed specifically to address inherent vulnerabilities in Android Java apps, providing a measurable increase in the level of protection that Inside Secure, and the wider industry, can provide for Android applications. This is critical in order to deliver secure and trusted services in banking, mobile payments, content protection and global enterprise.
Core for Android has been independently tested and found to bring significant advances in security for Android applications with a very strong set of essential controls against code tampering along with hardening mechanisms against reverse engineering analysis. Specifically, the runtime code integrity detection technique and the applied code obfuscation are considered very strong and among the industry’s best.
“Securing personal and financial consumer data in the Android environment has been a significant problem, especially for sensitive applications such as mobile banking and insurance,” said Andrew McLennan, president of Inside Secure’s Content and Application Protection business unit. “With Inside Secure’s Core for Android, we have created an innovative and tested solution that creates an integrity network inside Android applications. We are excited to offer this level of protection to our customers developing applications on Android.”
Traditionally, to secure Android applications, the code processing sensitive data and algorithms had to be developed in C/C++ using Android’s Native Development Kit (NDK). This enabled it to be protected with strong integrity and obfuscation technologies. However, the vast majority of Android applications today are written in Java. Legacy and free-to-use solutions to “secure” Java apps focus on obfuscation techniques. Unfortunately, these cannot detect malicious changes to the code as it runs. Hackers can easily intercept the running code, making applications more vulnerable to attack, code alteration and reverse engineering. Hackers have exploited these vulnerabilities in many attacks seen in recent months.
Inside Secure (Euronext Paris – INSD) is at the heart of security solutions for mobile and connected devices, providing software, silicon IP, tools and know-how needed to protect customers’ transactions, content, applications, and communications. With its deep security expertise and experience, the company delivers products having advanced and differentiated technical capabilities that span the entire range of security requirement levels to serve the demanding markets of network security, IoT security, content & application protection, mobile payment & banking. Inside Secure’s technology protects solutions for a broad range of customers including service providers, content distributors, security system integrators, device makers and semiconductor manufacturers.