The extension reinforces Licel’s vision for the continuous testing of security solutions to become normalized.
In November 2021, DexProtector became the first software protection tool to be certified by EMVCo for both the iOS and Android platforms. Seven months on, the global technical body for payments has extended DexProtector’s security certification.
According to Mikhail Dudarev, the CTO of Licel, the extension reflects a culture of continuous security that is deep rooted within the company.
“There was a time when a security solution would achieve certification and be thought fit for purpose from that moment on” Dudarev explains. "But we're now living in a world where the threat landscape is constantly shifting. New risks and vulnerabilities emerge so quickly that security providers like us have a responsibility to ensure our products have also evolved at the same pace. We hope that this approach of regularly testing security solutions will become the norm across the cybersecurity industry.”
In recent months alone, DexProtector has added a variety of new features to its toolkit to frustrate bad actors. These include:
- the automatic integration of runtime check mechanisms that can spot rooted devices, hooking frameworks, debuggers, emulators, and custom firmware
- platform checks that determine whether an app has been downloaded from an authentic platform like Google Play
- UI protection which blocks screen capture on both Android and iOS
- a tool called AppCare embedded into DexProtector Studio which automatically finds and protects secrets within an app and highlights any known vulnerabilities in libraries and dependencies
Once again it was Applus+ Laboratories, a global leader in testing, inspection, and certification that scrutinized DexProtector’s security in its laboratory.
And as Applus+ Laboratories’ Director of IT Labs, Josepmaria Roca notes, an associated benefit of regular security assessments is that it makes the process much easier for testing labs.
“Reviewing and testing DexProtector every year means we can easily analyze security changes in its code. We can also monitor the situation and make a preemptive analysis of new threats as they arrive. We agree with Licel that every security provider should get into the habit of testing their solution frequently.”