The IT Nerd

Approov, a leader in mobile application and API security, and PreEmptive, a pioneering force in application security, today joined forces to provide comprehensive mobile application protection as the EU Digital Markets Act takes effect. The joint solution addresses the main challenges for mobile app security: protecting intellectual property and app shielding, as well as runtime threats to apps and the need for app attestation.

The EU DMA forces Google and Apple to allow side-loaded apps via alternative app stores which reduces the effectiveness of the security mechanisms provided by these vendors. For example, the theft of app intellectual property, creation of illegal copies of apps, and manipulation of apps at runtime are all harder for Google and Apple to prevent.

PreEmptive and Approov have partnered to effectively protect app intellectual property and prevent runtime tampering through a straightforward, cross-platform solution to these challenges that are compatible with both iOS and Android. This effective and easy-to-deploy security solution for mobile apps seamlessly integrates with the CI/CD pipeline and SAST/DAST solutions, and is not dependent on Apple or Google. It includes:

• Comprehensive shielding of Android and iOS mobile app code from reverse engineering and intellectual property theft.
• Runtime app attestation to prevent cloned and copied apps.
• Anti-tampering checks to detect client OS manipulation and the presence of emulators and hostile frameworks at runtime.
• API and communications channel protection by using dynamic certificate pinning.
• Dynamic API Key and certificate management to prevent API abuse.

There are fundamental security challenges with mobile apps: they can be reverse engineered, analyzed, cloned, modified, or copied, and the environments they run in can be hacked, rooted, instrumented, and manipulated to interfere with the operation of an app. Apple and Google provide only basic app protection and attestation, but these are limited and are dependent on features of the Apple App Store and on Google Play. Stronger security measures are needed.

Approov and PreEmptive address these challenges with a joint solution that works across all platforms and application types — independent of the app store employed to distribute apps. This means users can future-proof your application security while continuously monitoring for and preventing app and API abuse.

Under terms of the partnership:

• Approov can resell Dotfuscator and JSDefender, and the PreEmptive mobile shielding products: PreEmptive DashO for Android, and Defender for iOS.
• Approov provides an extended 90-day trial period of Approov RASP and runtime analytics to PreEmptive customers.

April 24 Joint Web Seminar Explains It All

Approov will host a joint web seminar on the impact of the EU Digital Markets Act with PreEmptive on April 24, 2024, at 11am US Eastern Time (ET). The one-hour session will delve into mobile app vulnerabilities and demonstrate how PreEmptive and Approov effectively protect app intellectual property and prevent runtime tampering, with a straightforward approach compatible with both iOS and Android. Attendees will learn:

• How the EU Digital Markets Act exposes the limitations of Google and Apple mobile security.
• Why the two main challenges for mobile app security are: (1) The protection of intellectual property and the need for app shielding; and (2) Runtime threats to apps and the need for app attestation.
• How to easily and effectively defend against these threats as the EU DMA takes effect
• How PreEmptive and Approov together provide an effective and easy-to-deploy security solution for mobile apps that is not dependent on Apple or Google.

Register for the webinar here: https://approov.io/info/joint-webinar-comprehensive-and-effective-mobile-security