loading...

Securing Your apps with SafetyDetect

singlebubble1 profile image singlebubble ・3 min read

What is SafetyDetect?

SafetyDetect is an API or Kits that provide security checks to your application. This will help to protect your app against security threats or malicious programs.

The kits consists of 5 main APIs:

SysIntegrity API: Checks whether the device running your app is secure, for example, whether it is rooted.
AppsCheck API: Obtains a list of malicious apps.
URLCheck API: Determines the threat type of a specific URL.
UserDetect API: Checks whether your app is interacting with a fake user.
WifiDetect API: Checks whether the Wi-Fi to be connected is secure.

Why SafetyDetect?

Why do you want to use safetydetect?

Imagine that if your app deals with sensitive data and/or provide transactional capabilities, you would not want your app security to be compromised.
SafetyDetect will provide the security (device, url, apps, wifi) to your app so that you can ensure that your app and data is not compromised when infected device access your apps.

Using SysIntegrity API

To use SysIntegrity API, there are only a few simple steps.
First, add the required app gallery plugin and safety detect dependency to your build.gradle

Project build.gradle:

dependencies {
    implementation 'com.huawei.hms:safetydetect:{version}'
}

Module build.gradle:

implementation 'com.huawei.hms:safetydetect:5.0.1.300'

Next, to call the API you will need to generate a nonce value, this value must be at least 16 bytes and is only valid once. This value will be returned also within the SafetyDetect response, so you can use this value to check the validity of the Response.
A nonce can be the app username appended with the timestamp of the request, or any unique value of the application.

fun invokeSysIntegrityCheck() {
     val mClient = SafetyDetect.getClient(this)

     val nonce = "This Is Just A Test Nonce".toByteArray(Charsets.UTF_8)
     val task = mClient.sysIntegrity(nonce, "your app id")

     task.addOnSuccessListener {res ->
         // sys integrity call success, result is returned
         val result = res.result
     }.addOnFailureListener {
         // something went wrong, please check your app id and if you have enabled the safety detect api in developer console
         it.printStackTrace()
     }

 }

The result of the check is returned in a json format, sample is below:

{
    "advice":"RESTORE_TO_FACTORY_ROM",
    "apkCertificateDigestSha256":[
        "yT5JtXRgeIgXssx1gQTsMA9GzM9ER4xAgCsCC69Fz3I="
    ],
    "apkDigestSha256":"6Ihk8Wcv1MLm0O5KUCEVYCI/0KWzAHn9DyN38R3WYu8=",
    "apkPackageName":"com.huawei.hms.safetydetectsample",
    "basicIntegrity":false,
    "nonce":"R2Rra24fVm5xa2Mg",
    "timestampMs":1571708929141
}

If the basicIntegrity parameter is false, the user device is at risk. You can choose to notify the user or block the access of the app if you think it’s necessary.

Using AppsCheck API

AppsCheck api is a service where it will detect if any malicious apps are installed on the device. The signature of this malicious apps is stored in the cloud and is periodically updated

fun invokeAppsCheck() {
     val mClient = SafetyDetect.getClient(this)

     val task = mClient.maliciousAppsList

     task.addOnSuccessListener {
         // service call is successful. we will need to check the app lsit response to see if there is any malicious app installed
         val appDataList = it.maliciousAppsList
         if (it.rtnCode == CommonCode.OK) {
             if (appDataList.isEmpty()){
                 // malicious apps list is empty, device is safe.
             }

             else {
                 // malicious apps is detected on the device
                 appDataList.forEach {
                     Log.w("warn", "Malicious app detected: ${it.apkCategory}, ${it.apkPackageName}, ${it.apkSha256}")
                 }
             }
         }

     }.addOnFailureListener {
         // something went wrong
     }
 }

Using URLCheck API

URLCheck is a service which allows the app to check a particular URL for malicious URL. This is very useful for app that re-directs the user to a lot of other 3rd party URL, such as barcode scanner.
To use URL Check Api:

fun doUrlCheck(url: String) {
     val mClient = SafetyDetect.getClient(this)

     // Check the URL
     // Param1: URL To be checked
     // Param2: your Huawei App ID
     // Param3&4: Types of threat to be checked
     mClient.urlCheck(url, "your app id here",
         UrlCheckThreat.MALWARE,
         UrlCheckThreat.PHISHING)
         .addOnSuccessListener {
             if (it.urlCheckResponse.isEmpty()) {
                 // No threat or phishing detected
             } else {
                 // Threat detected
             }
         }
 }

So there we have it. Safety Detect is really useful to secure your apps from threats when user is using the app.

For more information, please see the developer link:
https://developer.huawei.com/consumer/en/doc/development/HMSCore-Guides/introduction-0000001050156325

Thank you, Happy Coding!

Posted on by:

singlebubble1 profile

singlebubble

@singlebubble1

live, laough and love coding, cooking and skiing

Discussion

markdown guide