Instant protection for iOS and Android apps from static and dynamic attacks

A global leader in app and SDK defense with over ten billion installations.

DexProtector’s approach to defending your apps is unique. Its Runtime Application Self Protection (RASP) native engine works at a system level deep within the app. From there, it interacts directly with the OS components. This helps it to control key processes and secure the most sensitive parts of your apps and libraries.

DexProtector builds layers of protection on top of one another, creating a solid shield around your valuable code and assets. This hardens your apps and prevents real-time attacks.

DexProtector the first software protection tool to be certified by EMVCo

Benefits

Instant, one-click integration into your CI/CD with no coding required
Protects your apps as well as the communication channel with servers
Provides a secure layer between your app and the operating system
Defends your app against both static and dynamic attacks
A smart virtual machine that prevents hooking and debugging
A unique native engine secures your app without slowing it down

Features

DexProtector isn't a cloud-based security solution. It protects your apps and SDKs in an enclosed, isolated environment.

Code Protection and Virtualization

DexProtector combines both string and class encryption. It also hides method calls and access to fields, and conceals and encrypts native code.
Content Protection

Completely-transparent resource and asset encryption which uses uncrackable cryptographic algorithms.
Integrity Control

A self-defending native layer of protection. Its self-checking internal mechanisms are based on dynamically-calculated, context-sensitive keys (what we call the Crypto Chain of Trust).
Device Attestation and Tamper Notifications

DexProtectors’s environment checks detect untrusted environments. They highlight rooting, debugging, hooking, and emulators. And they also provide reports for further risk assessment.
Communication Hardening

DexProtector comes with reinforced public key pinning implementation. This blocks sophisticated man-in-the-middle attacks.
Secure Execution Environment and Crypto Module

A smart, secure JavaCard-inspired native virtual machine. It puts TEE concepts in place that protect cryptographic operations.

How it works

Layers of smart protection that keep your apps safe from hackers.

run

01_String Encryption

Imagine a one-way mirror. On one side you only see your reflection, but the other side is transparent. DexProtector is this mirror. It keeps bad actors on the first side of the glass. They only see a reflected version of the string code in a protected format that they can’t read.

The encryption keys we use to decrypt protected strings are context sensitive. That means it isn’t possible for a hacker to perform a static analysis on your apps.

run

02_ Hide Access

Within your apps there are lots of method calls alongside access to fields. Each comes with meaningful logic that you can understand. But when DexProtector runs its Hide Access protection layer, it virtualizes and conceals this logic. So it no longer makes any sense to a would-be attacker.

Our native engine also acts as a shield against hooking and debugging attempts. That way it secures the sensitive logic in your apps and libraries.

run

03_ Class Encryption

DexProtector encrypts sensitive classes within your apps using dynamic key cryptography. Then it moves these unreadable classes to a secure, encrypted container. Somewhere bad actors would never think to look for them.

This is the first stage of Class Encryption - what we call the protection stage. At the second stage (runtime), DexProtector’s smart native engine works closely with the operating system and prevents the dumping of decrypted classes.

run

04_ Asset and Resource Encryption

DexProtector encrypts assets and resources such as media files, text files, and HTML files. You’re left with the same number of files at the end of this process. But bad actors can’t tell what they are. No coding is required - it’s an automatic encryption process that includes hybrid applications.

During Asset and Resource Encryption, DexProtector works with the final containers. That means it’s able to pre-calculate the dynamic key before execution. This is a unique process that adds even more protection.

run

05_Native Library Encryption

Many apps have platform-specific native libraries within them. DexProtector creates a secure container for the original, protected library. This is an encryption process based on dynamically-generated keys, together with other forms of protection.

DexProtector’s native engine carries out this process using its own library loading mechanisms. The end result is that attackers can’t see the original code, and they can’t see the exported symbols in the secure containers.

run

06_Environment checks

DexProtector probes the environment of your apps to determine its safety. Among other things, it checks for signs of tampering, hooking attempts, rooted devices, debuggers and emulators. This is important because these are tools attackers use to reverse engineer your apps.

It also provides attack telemetry data. This gives you valuable insights into the environments your app is being used in. It helps you to react to threats as they happen, and plan a risk analysis.

View documentation

Dynamic protection

What sets DexProtector apart is the depth it works at to protect your apps.

Some app protection products rely on integrating a software development kit into your apps. But this is a bit like going into battle with a blindfold on.

DexProtector goes deeper. Its native engine is closely integrated to the OS and it also works with the application container. This means it gets to know your apps inside out. It can pre-calculate different dynamic keys for each of its security functions during the protection phase.

Like an iceberg, the most dangerous threats to your apps are often hidden under the surface. That’s why Dexprotector’s approach is so effective.

Get a quote

Take DexProtector’s security to another level with Alice and CryptoModule. Attack telemetry and threat intelligence, and smart protection designed for sensitive apps.

Request a demo

Alice

Get a real-time view of exactly how DexProtector is keeping your app safe. Alice gives you valuable insights that you can use to plan your long term security.

Learn more

Crypto Module

Does your app carry critical logic and rely on cryptography? If so, CryptoModule can help. It uses a smart virtual machine to store key material in a safe environment.

Learn more

Platform support

Android

Applications and Libraries for Android, Android Wear, Android TV and Android Things

iOS

Applications and Frameworks for iOS, watchOS and tvOS

IOT

Software Trusted Execution Environment with Crypto Module functionality for Embedded Platforms

Application Distribution Formats

Android APK, AAB, AAR, iOS App Store Package, XCode Application Archive

Supported Languages

Java, Kotlin, C/C++, C#, HTML/JS, Objective-C, Swift

Applications Types

Native Applications, Cordova/PhoneGap/Ionic/Titanium, ReactNative, Xamarin, Unity

Continuous Integration / Delivery Pipelines

Azure Pipelines, Bitrise, Jenkins

Development Tools

Android Studio Gradle, Eclipse, Maven, Ant

Beta-Testing Platforms

Firebase, Google Play Console, TestFlight

Mobile OSes

Android versions from 4.0 to 12.x, iOS versions from 9.x to 14.x, BlackBerry, YunOS

Insights

What is zero-trust application security?

DexProtector 12.11

Introducing DexProtector 12.11, with improved iOS application protection mechanisms.
read more
DexProtector 12.9

We want to make it easier for you to receive the updates we apply to DexProtector. The latest version (12.9) does just that.
read more

Ready to get started?

get a quote

Our other products

Stringer

Comprehensive, best-in-class protection for your standalone and enterprise Java applications.

learn more

JCardSim

The industry standard for developing identification, payment, and other smart card applications.