Inside Secure delivers application protection against attacks on Android Java devices

Inside Secure (Paris:INSD) (Euronext Paris: INSD), at the heart of security solutions for mobile and connected devices, has released its Core security technology specifically for Android applications, the company said.

Core for Android brings an unprecedented level of security capability in the Android environment by, for the first time, building a deep integrity network inside the applications. As a result, developers can create innovative applications confident that consumers can now more securely and safely make transactions managing sensitive personal data and information on their Android devices.

While Inside Secure´s patented Core technology has protected applications for many years, Core for Android brings enhancements designed specifically to address inherent vulnerabilities in Android Java apps, providing a measurable increase in the level of protection that Inside Secure, and the wider industry, can provide for Android applications. This is critical in order to deliver secure and trusted services in banking, mobile payments, content protection and global enterprise.

Core for Android has been independently tested and found to bring significant advances in security for Android applications with a very strong set of essential controls against code tampering along with hardening mechanisms against reverse engineering analysis. Specifically, the runtime code integrity detection technique and the applied code obfuscation are considered very strong and among the industry´s best.

Traditionally, to secure Android applications, the code processing sensitive data and algorithms had to be developed in C/C++ using Android´s Native Development Kit (NDK). This enabled it to be protected with strong integrity and obfuscation technologies. However, the vast majority of Android applications today are written in Java. Legacy and free-to-use solutions to “secure” Java apps focus on obfuscation techniques. Unfortunately, these cannot detect malicious changes to the code as it runs. Hackers can easily intercept the running code, making applications more vulnerable to attack, code alteration and reverse engineering. Hackers have exploited these vulnerabilities in many attacks seen in recent months.

Inside Secure is at the heart of security solutions for mobile and connected devices, providing software, silicon IP, tools and know-how needed to protect customers´ transactions, content, applications, and communications.