Login
      Contents x
      App Management
        • Print
        • PDF
        Contents

        App Management

          • Print
          • PDF
          Article Summary

          The latest service changes have not yet been reflected in this content. We will update the content as soon as possible. Please refer to the Korean version for information on the latest updates.

          Available in Classic and VPC.

          App Management describes how to register an app to protect or create SDK or control the status of apps.

          App Management page

          From the NAVER Cloud Platform console, click the menus of Services > Security > App Safer > App Management in that order to check the App Management page. The App Management page is laid out as follows.

          appsafer-app_screen_en

          FieldDescription
          ① Menu nameName of the menu currently being viewed
          ② Basic featuresFeatures displayed when you enter the App Management menu for the first time
          • [Register Apps] button: click to Register apps
          • [Learn more about the product] button: click to move to the App Safer introduction page
          • [Refresh] button: click to refresh the page
          ③ Post-creation featuresFeatures provided after creating an app or SDK
          • [Delete] button: delete the app selected
          • [Stop] button: select and stop the app in operation
          • [Start] button: select and rerun the stopped app
          ④ App listCreated app list. You can check app information and change settings

          Register apps

          Register the app to protect on NAVER Cloud Platform Console. You can simply apply how to register according to the mobile operating system or development environment or create SDK.

          • Simple application: select it when the Android app is prepared in the format of AAB or APK file format and when you want to rapidly apply App Safer
          • SDK integration: select it when you want to apply App Safer by connecting SDK on Android or iOS app

          Simple application

          You can apply App Safer by simple application as below.

          1. Access the NAVER Cloud Platform console.
          2. From the Region menu, click and the region you're using.
          3. From the Platform menu, click and the platform you're using.
          4. Click the Services > Security > App Safer menu one by one in order.
          5. Click the [Register apps] button.
          6. Proceed with the following steps in order in the Register apps page.

          1. Enter application information

          Enter the app data and registration information to protect. The items to be entered are as below.

          • Version: select the version of the App Safer to apply. For changes per version, see App Safer release notes.
          • OS: select Android as mobile operating system for the app
          • Application method: select Simple application
          • File Upload: Drag the file with the mouse or click here. Drag the AAB or APK file or click the file to designate it.
            • The maximum size of files that can be uploaded is 4 GB.
            • You cannot re-register an already registered app
          • Set Notifications: Click the [Set notification recipient] button to select the notification recipient to receive notification on progress through email or SMS.
            • To register notification recipient, select the person in charge and notification method and click the [Add] button.
            • To delete the registered notification recipient, click the [Delete] button on the relevant item.
            • When you need to add a new recipient, click the [Manage notification recipient] button, and register the recipient information in the Notification Recipient menu of the Cloud Insight (VPC) or the Monitoring (Classic).
          • Note: Enter the memo for less than 255 characters when needed.

          Enter all the required information and then click the [Next] button.

          2. Obfuscation settings

          Obfuscate the code of the uploaded app package. When another person decompiles the file, you can prevent the person from interpreting the code.

          • This can be skipped. But, you cannot change the settings.
          • App Safer obfuscates the class, method, field, and strings. You must set those specific items that must not be obfuscated as exceptions.
          • The below items are included in the targets for processing as exceptions for obfuscation automatically.
            • Interface-related packages called from Android framework
            • Library provided by a third party
          • Obfuscation is supported based on Proguard.

          After completing the settings, click the [Next] button.

          3. Set binary protection

          Set the protection for specific binary in the uploaded file.

          • Native Libraries: Set the Native Library binary protection extracted automatically from the uploaded app
            • You can protect it by applying the encryption and code tampering detection features to the next architecture
              • armeabi
              • armeabi-v7a
              • arm64-v8a
              • x86
              • x86_64
            • With all check boxes selected basically, you can release the check box for the binary you don't want to protect
            • You can select the code tampering detection features only when encryption is applied
          • Unity: When there is unity binary in the uploaded app, it is displayed and the Global Meta information protection is set.
            • With check boxes selected basically, you can release the check box you don't want to protect
          • Emulator Compatibility: Set the compatibility support to address issues occurring when the app is run on some emulators.

          After completing the settings, click the [Next] button.

          4. Blocked device collection settings

          For collecting and managing information of mobile devices detected in the blocking policy, select whether to connect Effective Log Search & Analytics.

          • The basic collection and statistics features are provided regardless of the connection status.
          • If you want to use additional statistical data through Kibana, please agree to the use of Effective Log Search & Analytics (ELSA). Once you agree, an ELSA project where you can view App Safer logs is automatically created.
          • Click the i-appsafer_open and you move to the portal's Effective Log Search & Analytics introduction page.
          Note

          When you use the Effective Log Search & Analytics, an additional fee will be charged.

          After completing the settings, click the [Next] button.

          5. Blocking Policy Settings

          Set the blocking policy to meet the app characteristics.

          • Blocking policy: Set the blocking conditions based on the detection types provided by App Safer

            • To reuse the blocking policy applied to another app, click the [Import] button
              Blocking policyDescription
              RootingThe app detects and blocks the routing (an act where the user forcefully acquires the super user permissions for the operating system) of the device in operation
              EmulatorBlock it if the app is run on a virtual machine such as an emulator and simulator
              DebuggingDuring the execution of app, the debugging (An act to access an app process and dynamically analyze it) by a third party is detected and blocked
              SpeedhackIf a system time manipulation act occurs by a third party during the execution of app, it is blocked
              Memory TamperedThe memory tampering or code tampering by a third party during the execution of app is detected and blocked
              App Integrity TamperedThe tampering of app by a third party is detected and blocked
              Unauthorized SignatureAn unauthorized app signature is detected and blocked
              Malware threatA malignant code threat is detected and blocked

          • Detection message: When the execution of app is blocked by policy, set the message to display.

            • The message entered into DEFAULT is displayed on all mobile devices using the app
            • To set the message for each language, select the language code of the message in Language, and prepare the content of message in Message, and click the [Add] button to register it.

          After completing the settings, click the [Next] button.

          6. Final confirmation

          After checking the set details, click the [Register] button.

          Note

          It may take several minutes to register the app. When the registration is complete and the operation has started, In operation (app fingerprints collection)is displayed on the status column of the app list.

          SDK integration

          You can apply App Safer by SDK integration as below.

          1. Access the NAVER Cloud Platform console.
          2. From the Region menu, click and the region you're using.
          3. From the Platform menu, click and the platform you're using.
          4. Click the Services > Security > App Safer menu one by one in order.
          5. Click the [Register apps] button.
          6. Proceed with the following steps in order in the Register apps page.

          1. Enter application information

          Enter the app registration information to protect. The items to be entered are as below.

          • Version: Select the version of the App Safer to apply. For changes per version, see App Safer release notes.
          • OS: Select the mobile operating system of the app
          • Application method: Select SDK integration
          • Package name: Enter the package name for the Android app, and enter the bundle ID for the iOS app.
            • You can enter between 3 and 99 characters among English letters, numbers, and hyphens (-), and you must start with an English letter.
          • App version: Enter the app version
            • You can enter between 3 and 30 characters.
          • Note: Enter the memo for less than 255 characters when needed.
          Note

          You cannot change the package name afterwards, so enter the same package name of the actually deployed app.

          Enter all the required information and then click the [Next] button.

          2. Blocked device collection settings

          For collecting and managing information of mobile devices detected in the blocking policy, select whether to connect Effective Log Search & Analytics.

          • The basic collection and statistics features are provided regardless of the connection status.
          • If you want to use additional statistical data through Kibana, please agree to the use of Effective Log Search & Analytics (ELSA). Once you agree, an ELSA project where you can view App Safer logs is automatically created.
          • Click the i-appsafer_open and you move to the portal's Effective Log Search & Analytics introduction page.
          Note

          When you use the Effective Log Search & Analytics, an additional fee will be charged.

          After completing the settings, click the [Next] button.

          3. Blocking Policy Settings

          Set the blocking policy to meet the app characteristics.

          • Blocking policy: Set the blocking conditions based on the detection types provided by App Safer

            • To reuse the blocking policy applied to another app, click the [Import] button.
            • Android app's blocking policy
            Blocking PolicyDescription
            RootingThe app detects and blocks the rooting (an act of a user to forcefully acquire the super user permissions for the operating system) of the device being run
            EmulatorWhen the app is run on a virtual machine such as an emulator and simulator, it is blocked
            DebuggingWhen the app is being executed, the debugging (an act to access the app process and dynamically analyze it) by a third party is detected and blocked
            SpeedhackWhen a system time manipulation act occurs by a third party when the app is being executed, it is blocked
            Memory TamperedWhen the app is being executed, the memory tampering or code tampering act by a third party is detected and blocked
            App Integrity TamperedThe app tampering by a third party is detected and blocked
            Unauthorized SignatureAn unauthorized app signature is detected and blocked
            Malware threatA malignant code threat is detected and blocked
            • iOS app's blocking policy
            Blocking PolicyDescription
            JailbreakThe app detects and blocks the jailbreak (an act of a user to forcefully acquire the super user permissions for the operating system) of the device being run
            SimulatorWhen the app is run on a virtual machine such as an emulator and simulator, it is blocked
            DebuggingWhen the app is being executed, the debugging (an act to access the app process and dynamically analyze it) by a third party is detected and blocked
            App Integrity TamperedThe app tampering by a third party is detected and blocked
            Unauthorized SignatureAn unauthorized app signature is detected and blocked

          • Detection message: When the execution of app is blocked by policy, set the message to display.

            • The message entered into DEFAULT is displayed on all mobile devices using the app
            • To set the message for each language, select the language code of the message in Language, and prepare the content of message in Message, and click the [Add] button to register it.

          After completing the settings, click the [Next] button.

          4. Final confirmation

          After checking the set details, click the [Register] button.

          Note

          It may take several minutes to register the app. When the registration is complete and the operation has started, in operation (app fingerprints collection)is displayed on the status column of the app list.

          View App list

          The following describes how to view the created app list.

          Note

          You can see the list if you have 1 or more apps created. If you don't have any app that has been created, then the list is not displayed in the App Management page.

          1. From the NAVER Cloud Platform console's Region menu and Platform menu, click the environment you're using.
          2. Click the Services > Security > App Safer menu one by one in order.
          3. When the App list appears, check the summarized information or click an app to check the detailed information.
            • Package name: The app's package name
            • OS: The app's mobile operating system
            • App version: App Safer version applied to the app
            • Note: Memo entered when the app was registered
            • Date of registration: Date and time when the app was registered
            • Status: Current app status
              • Running: Status where the app can be normally operated
              • In operation (app fingerprints collection): a status where the App Safer allows the app fingerprints collection and is operating Even with the app fingerprint detection policy, the fingerprint is automatically registered.
              • Stopped: A status where the app execution is stopped by the user. You can restart it.
              • Registering: A status where the App Safer is being applied
              • Registration failed: A status where the App Safer application is failed
            • Download: Click the [APP] button or the [SDK] button and download the app or the SDK.
            • App Safer Key: Authentication key that can be used for resetting and connection services for App Safer SDK
            • Registration settings: Click the [View details] button and the app information and ELSA integration information are displayed. You can download the script for requesting for the open API and dump files.
            • App fingerprint registered: Set whether to collect app fingerprint
              • When it is set to Collect, the app status is changed to In operation (app fingerprints collection). Even if the app fingerprint detection policy is set, app is not blocked, and the name of the app fingerprint and the fingerprint value are collected and displayed.
                • The name of app fingerprint is collected according to the criteria for each operating system, and the app fingerprint value is automatically registered as the unique value according to the app execution.
                • After the App Safer is applied and the test is completed, you need to change the app fingerprint collection status to Not collect.
              • When it is set to Not Collect, the app status is changed to In operation. If the app fingerprint detection policy is set, the app is blocked when the conditions are met.
            • Blocking policy: Set blocking policy details. You can click the [Set] button and edit the policy and message.
            • Detection message: Set detection message details

          Downloading app/SDK

          You can download the app or SDK with App Safer applied as below.

          1. From the NAVER Cloud Platform console's Region menu and Platform menu, click the environment you're using.
          2. Click the Services > Security > App Safer menu one by one in order.
          3. Click the [APP] button or the [SDK] button on the download column of the item to be downloaded on the app list.
          4. When the popup window appears, click the [App Download] button or the [SDK download] button.
            • The AAB/APK-type app or the AAR-type SDK is downloaded to the local PC.
            • When downloading the SDK, copy the App Safer Key appearing together on the popup window. It is needed when integrating SDK.
            • If you have downloaded the app, sign in the app before running it on the mobile device.

          App signature

          The AAB/APK files with App Safer applied by the simple application method can be run on a mobile device only when they are signed with a developer signature. Sign it by using apksigner or jarsigner.

          • apksigner

            apksigner sign --ks <keystore_file_path> --ks-key-alias <keystore_alias> --out <output_apk_path> <input_apk_path>

apksigner sign --ks /Users/AppSafer/Keystore/appsafer.keystore --ks-key-alias appsafer --out com.navercloud.appsafer_signed.apk com.navercloud.appsafer.apk

          • jarsigner

            • After signing, you need to align the files using zipalign.
            jarsigner -verbose -keystore <keystore_apk_path> <input_apk_path> <keystore_alias>
zipalign -p 4 <input_apk_path> <output_apk_path>

jarsigner -verbose -keystore /Users/AppSafer/Keystore/appsafer.keystore com.navercloud.appsafer.apk appsafer
zipalign -p 4 com.navercloud.appsafer.apk com.navercloud.appsafer_aligned.apk
          Note

          If a problem occurs during work, contact us through customer support .

          Stop the app and restart

          You can stop an app in operation or restart a stopped app as below.

          1. From the NAVER Cloud Platform console's Region menu and Platform menu, click the environment you're using.
          2. Click the Services > Security > App Safer menu one by one in order.
          3. Select the app to stop or restart on the app list, and click the [Stop] button or the [Start] button.
          4. When the popup window appears, click the [Stop] button or the [Start] button.
            • The app status is changed right away.

          Edit Blocking Policy

          You can edit the registered blocking policy or the detection message as below.

          1. From the NAVER Cloud Platform console's Region menu and Platform menu, click the environment you're using.
          2. Click the Services > Security > App Safer menu one by one in order.
          3. Click the app for editing the blocking policy or message on the app list, and click the [Set] button of Blocking policy in the unfolded detailed information.
          4. In the blocking policy settings popup window, edit the blocking policy or the detection message.
            • You can set or release the settings for individual blocking policy.
            • To reflect the policy applied to another app the same, click the [Import] button and select the policy to import.
            • For the detection message, you can delete the message registered or add another message excluding the DEFAULT value.
          5. When the editing is complete, click the [OK] button.

          Delete the app

          The following describes how to delete the registered app.

          Note
          • You can delete only a stopped app. To delete an app in operation, first stop the app.
          • You cannot restore the app after deleting it, and the app won't be run on any and all devices with the deleted app installed.
          1. From the NAVER Cloud Platform console's Region menu and Platform menu, click the environment you're using.
          2. Click the Services > Security > App Safer menu one by one in order.
          3. Select the app to delete from the app list, and then click the [Delete] button.
          4. From the delete pop-up window, click the [Delete] button.
            • The app is deleted and disappears from the app list.
          Was this article helpful?
          What's Next
          Change password!
          Changing your password will log you out immediately. Use the new password to log back in.
          Change profile
          Success!
          First name must have atleast 2 characters. Numbers and special characters are not allowed.
          Last name must have atleast 1 characters. Numbers and special characters are not allowed.
          Enter a valid email
          Enter a valid password
          Your profile has been successfully updated.
          Logout