For both Android and Java-based apps, hackers can easily reverse engineer your application using Java decompilers. These expose the source code, making it possible for them to copy or change your code, or inject malicious code into it that can compromise user data, including banking information.

Code obfuscation is one of the most essential security measures developers can use to keep their apps safe. While there are many free obfuscation tools on the market, there are benefits to using tools like DashO that take a more robust approach to application security.

Traditionally, control flow obfuscation introduces false conditional statements and misleading branching, conditional, and iterative constructs to break decompiling tools. It produces spaghetti logic that can be difficult for hackers to understand. This form of Android obfuscation takes additional steps with DashO.

In addition to adding code constructs, DashO destroys the code patterns decompilers use to replicate source code. In turn, the program produces spaghetti logic that turns the work of even the most sophisticated decompilers into pure guesswork.

One common technique hackers use is locating critical code sections by looking for string references inside your binary. For example, if your application is time-locked, attackers can look for the timeout message inside the decompiled output. In this situation, when they find it, they’ll be very close to finding your time-lock algorithm and destroying or tampering with it.

DashO allows developers to protect the resources inside their application’s APK. Doing so makes it harder for attackers to inspect, copy, or alter them for nefarious purposes. DashO encrypts these resources and injects code to decrypt them while the application is running.

Watermarking helps developers track unauthorized copies of their software back to the source. DashO does this by embedding data like copyright information or unique ID numbers into your application without impacting its performance or runtime behavior.

Additionally, DashO’s watermarking algorithm works without increasing the size of your application or introducing extra metadata that could break it.

It’s no secret that smaller applications download, install, load, and run faster than their larger counterparts. DashO’s pruning algorithm analyzes your code to find unused types, methods, and fields, removing them. This in turn decreases the surface area of your app that’s open to attacks.

Furthermore, DashO removes used methods like debugging and logging calls that you don’t want to be visible in deployed applications.

DashO injects code to verify your application’s integrity at runtime. If it detects potential tampering with your code, it can shut down the app, invoke random crashes, or perform other custom actions.

Checks are DashO’s prebuilt validation that the program can inject into your Java or Android-based apps. They enable your app to detect unauthorized use cases, such as debugging or tampering.

However, Checks do more than just detect suspicious activity—they can also react in specified ways, such as forcing the user to exit the app. They can also call into application code, allowing for custom behavior based on the result of the Check. Developers can configure these responses for individual Checks, so all your apps can detect unauthorized uses in the same way, but respond to them differently.

Rooted devices are a serious security concern for Android app developers. However, DashO can detect when an app is running on a rooted device, either offline or on a network. Users on your security team can then abort the session, quarantine the app, or otherwise report the incident.

DashO enables your application to shut down or behave differently when it detects the app is being run on an emulated device. This helps prevent reverse engineering attacks and keeps attackers from probing the application’s defenses through emulation.

Hackers use hooking frameworks to inspect and change your application during runtime without modifying its binaries. DashO can detect the presence of hooking frameworks and enable your app to respond accordingly by shutting down, sending an alert, throwing an exception or hanging, and more.

Shelf Life is DashO’s app inventory management function. It allows you to embed expiration and notification logic into Android applications. DashO injects code that reacts to expiration by forcing the user to exit the application. This feature is particularly useful with beta or evaluation applications.

With Shelf Life, users can schedule an app’s expiration for a specific date and optionally issue warnings to users about the forthcoming deactivation.