Advanced code obfuscation techniques alter the mobile application so it cannot be disassembled and understood by hackers. It is vital that a barrage of techniques be used together so any would-be hackers will give up on doing a static analysis and move onto softer targets.
Runtime Application Self-protection (RASP) ensures that the running application cannot be attached to by a debugger or inspected to learn its secrets or alter its functions. If hacking is attempted, the application can signal that it is being hacked, then exit to foil hackers.
A white-box cryptographic library is a drop in replacement for the weak cryptographic libraries that come as part of the Android or iOS platforms. With white-box cryptography, secrets and keys are never in the clear in memory, even when they are being used, so they will remain secret.
Taking Steps to Protect Financial Mobile Applications White Paper
This paper describes the latest statistics on cybercrime in the mobile financial industry and the most common types of attacks on mobile applications. Finally, this white paper will focus on Intertrust’s robust solution to protecting financial applications—a set of application shielding tools that are intended to increase application-level security and render cyberattacks on financial applications extremely difficult and expensive to execute.