Menu

Instant protection for iOS and Android apps from static and dynamic attacks

Get a quote

The global leader in app and SDK defense with over ten billion installations.

DexProtector has a unique way of defending your apps from attacks. Its Runtime Application Self Protection (RASP) native engine works at a system level deep within the app. It interacts directly with the OS components, controlling key processes and securing the most sensitive parts of your apps and libraries.

Layers of protection build on one another, creating a solid shield around your valuable code and assets. This hardens your apps and prevents real-time attacks.


Benefits

  • Instant integration into your CI/CD with no coding required
  • Protects your apps as well as the communication channel with servers
  • Provides a secure layer between your app and the operating system
  • Defends your app against both static and dynamic attacks
  • A smart virtual machine that prevents hooking and debugging
  • A unique native engine that maintains your app's performance level

Features

DexProtector isn’t an app sealing, SAAS product. Its security goes much further than that offered by a cloud-based service. It’s also a lot easier to integrate, as you don’t have to code anything.


  • Code Protection and Virtualization

    DexProtector combines both string and class encryption. It also hides method calls and access to fields, and conceals and encrypts native code.

  • Content Protection

    Completely-transparent resource and asset encryption which uses uncrackable cryptographic algorithms.

  • Integrity Control

    A self-defending native layer of protection. Its self-checking internal mechanisms are based on dynamically-calculated, context-sensitive keys (what we call the Crypto Chain of Trust).

  • Device Attestation and Tamper Notifications

    DexProtector’s environment checks detect untrusted environments. They highlight rooting, debugging, hooking, and emulators. And they also provide reports for further risk assessment.

  • Communication Hardening

    DexProtector comes with reinforced public key pinning implementation. This blocks sophisticated man-in-the-middle attacks.

  • Secure Execution Environment and Crypto Module

    A smart, secure JavaCard-inspired native virtual machine. It puts TEE concepts in place that protect cryptographic operations.

making a contactless payment

How it works

Layers of smart protection that build on one another.

run

01_String Encryption

Imagine a one-way mirror. On one side you only see your reflection, but the other side is transparent. DexProtector is this mirror. It keeps bad actors on the first side of the glass. They only see a reflected version of the string code in a protected format that they can’t read.

The encryption keys we use to decrypt protected strings are context sensitive. That means it isn’t possible for a hacker to perform a static analysis on your apps.

run

02_ Hide Access

Within your apps there are lots of method calls alongside access to fields. Each comes with meaningful logic that you can understand. But when DexProtector runs its Hide Access protection layer, it virtualizes and conceals this logic. So it no longer makes any sense to a would-be attacker.

Our native engine also acts as a shield against hooking and debugging attempts. That way it secures the sensitive logic in your apps and libraries.

run

03_ Class Encryption

DexProtector encrypts sensitive classes within your apps using dynamic key cryptography. Then it moves these unreadable classes to a secure, encrypted container. Somewhere bad actors would never think to look for them.

This is the first stage of Class Encryption - what we call the protection stage. At the second stage (runtime), DexProtector’s smart native engine works closely with the operating system and prevents the dumping of decrypted classes.

run

04_ Asset and Resource Encryption

DexProtector encrypts assets and resources such as media files, text files, and HTML files. You’re left with the same number of files at the end of this process, but bad actors can’t tell what they are. No coding is required - it’s an automatic encryption process that works just as well for hybrid apps.

During Asset and Resource Encryption, DexProtector works with the final containers. That means it’s able to pre-calculate the dynamic key before execution. This is a unique process that adds even more protection.

run

05_Native Library Encryption

Many apps have platform-specific native libraries within them. DexProtector creates a secure container for the original, protected library. This is an encryption process based on dynamically-generated keys, as well as other forms of protection.

DexProtector’s native engine carries out this process using its own library loading mechanisms. The end result is that attackers can’t see the original code, and they can’t see the exported symbols in the secure containers.

run

06_Environment checks

DexProtector probes the environment of your apps to determine its safety. Among other things, it checks for rooted devices, debuggers, emulators, hooking attempts, and signs of tampering. This is important because these are the tools attackers use to reverse engineer your apps.

It also provides critical attack telemetry data. This gives you valuable insights into the environments your apps are being used in. It helps you to react to threats as they happen and plan a risk analysis.

View documentation

Dynamic protection

What sets DexProtector apart is the depth it works at to protect your apps.

Some app protection products rely on integrating a software development kit into your apps. But this is a bit like going into battle with a blindfold on.

DexProtector goes deeper. Its native engine is closely integrated to the OS, and it also works with the application container. This means it gets to know your apps inside out. It can pre-calculate different dynamic keys for each of its security functions during the protection phase.

Like an iceberg, the most dangerous threats to your apps are often hidden under the surface. That’s why DexProtector’s approach is so effective.

Get a quote

Platform support

Android

Applications and Libraries for Android, Android Wear, Android TV and Android Things

iOS

Applications and Frameworks for iOS, watchOS and tvOS

IOT

Software Trusted Execution Environment with Crypto Module functionality for Embedded Platforms

Application Distribution Formats

Android APK, AAB, AAR, iOS App Store Package, XCode Application Archive

Supported Languages

Java, Kotlin, C/C++, C#, HTML/JS, Objective-C, Swift

Applications Types

Native Applications, Cordova/PhoneGap/Ionic/Titanium, ReactNative, Xamarin, Unity

Continuous Integration / Delivery Pipelines

Azure Pipelines, Bitrise, Jenkins

Development Tools

Android Studio Gradle, Eclipse, Maven, Ant

Beta-Testing Platforms

Firebase, Google Play Console, TestFlight

Mobile OSes

Android versions from 4.0 to 10.x, iOS versions from 9.x to 13.x, BlackBerry, YunOS

Take DexProtector’s security to another level with Alice and CryptoModule. Attack telemetry and threat intelligence, and smart protection designed for sensitive apps.

Request a demo

Alice

Get a real-time view of exactly how DexProtector is keeping your app safe. Alice gives you valuable insights that you can use to plan your long term security.

Learn more

Crypto Module

Does your app carry critical logic and rely on cryptography? If so, CryptoModule can help. It uses a smart virtual machine to store key material in a safe environment.

Learn more

Insights

Ready to get started?

Our other products