DocsICP FilingConsole
官方文档
首页

Product introduction

更新时间:
复制 MD 格式
产品详情
我的收藏

Mobile Security Armor (MSA) protects mobile applications against reverse engineering, cracking, and runtime tampering. Built on Alibaba Cloud's mobile security hardening technology, it covers Android, iOS, HarmonyOS, and HTML5 applications.

Why applications need hardening

  • Android application hardening

    Android's open-source nature makes Android Package (APK) and Android App Bundle (AAB) packages vulnerable to piracy, decompilation, and cracking, exposing application data and user privacy. MSA hardens these packages and runs compatibility and functional regression testing on the hardened output to maximize protection against cracking.

  • iOS application hardening

    As cracking and analysis techniques evolve, Apple's built-in security measures — including iOS App (IPA) encryption — no longer meet modern iOS security requirements. MSA uses a security compiler to harden core code, significantly raising the difficulty of reverse analysis and protecting against cracking and attacks.

  • HTML5 application hardening

    Mobile security regulations require HTML5 applications to be hardened. MSA erases the original execution flow and obfuscates function and variable names, making the processed JavaScript code difficult to read. This prevents HTML5 applications from being cracked or used without authorization, protecting the rights of HTML5 developers.

  • HarmonyOS application hardening

    HarmonyOS NEXT native applications face threats including code reverse engineering and repackaging. MSA provides in-depth protection for HarmonyOS HAP and App packages using code obfuscation, Shared Object (SO) library hardening, and techniques designed for the HarmonyOS system, delivering multilayer security protection. This defends against decompilation and hook injection while ensuring the stable operation of HarmonyOS native applications through comprehensive compatibility and functional regression testing.

Benefits

  • Simple and out-of-the-box

    Upload an APK to harden Android applications. Use the Xcode compiler or upload an IPA to harden iOS applications. Upload an HAP or App package for HarmonyOS applications. Upload a JS file for HTML5 applications.

  • High stability and compatibility

    MSA is built on Alibaba Cloud's mobile security hardening technology, battle-tested in large-scale services with hundreds of millions of users, including Taobao. It balances security and compatibility, achieving an extremely low crash rate.

    It supports ARM, AArch64, x86, and x64 architectures and all Android system versions from Android 4.2 and later.

    The iOS security compiler supports multiple languages, delivers stable performance across all mainstream device models, and is compatible with the latest version of Xcode.

  • Java2C to improve security

    Bytecode is converted into native binary code and compiled into an SO file invoked by the Java Native Interface (JNI). This prevents attackers from applying Java reverse engineering techniques to reconstruct your application logic.

  • Enterprise-grade capabilities

    MSA provides OpenAPI capabilities for integration with CI/CD systems such as Jenkins, reducing manual steps in your release pipeline. It also supports hotpatching and is compatible with mainstream solutions including mPaaS Hotpatching, Alibaba Cloud Hotpatch, and Tencent Tinker Hotpatch.

Features

The following sections list the hardening features for Android, iOS, HarmonyOS, and HTML5 applications. For more information about these features, see the Terms.

The following sections list the hardening features for Android, iOS, HarmonyOS, and HTML5 applications. For more information about these features, see the Terms.

  • Hardening features for Android applications:

    • Standard Edition: APK/AAB package hardening and class security hardening.

    • Professional Edition: Anti-hooking, anti-rooting, anti-emulator, SO hardening, anti-debugging, anti-memory dumping, anti-repackaging, asset file protection, anti-multi-instance, Virtual Machine Protection (VMP), protection against injection attacks, and anti-hijacking.

  • Hardening features for iOS applications:

    • Source code hardening: Constant encryption, instruction replacement, control flow flattening, false control flow, junk and bad instructions, call graph obfuscation, symbol encryption, and pointer encryption.

    • Package hardening: Anti-jailbreaking, anti-repackaging, anti-proxy, anti-multi-instance, protection against injection attacks, anti-hooking, string encryption, ustring-only encryption, anti-debugging, and UI capture protection (anti-screen recording, anti-screenshot, and anti-screen mirroring).

  • Hardening features for HarmonyOS applications: Code obfuscation, string encryption, and SO hardening.

  • Hardening features for HTML5 applications: Expression replacement, constant string encryption, code compression, object key replacement, anti-formatting, anti-debugging, function and variable name obfuscation, JS domain name binding, disable console output, control flow flattening, false control flow, and virtualization protection (VMP).

Previous:Product AnnouncementsNext:Glossary