Why is Android GMS certification turning out to be vital for the business world?
Learn why GMS certification is important for Android devices
Get fresh insights, pro tips, and thought starters–only the best of posts for you.
Apr 29, 2020
13 min read
With over 3 million applications in the Google Play Store, Android is the most trusted mobile application platform in the app development landscape. A larger part of the application developers prefers Google Play Store over other popular app stores for showcasing their projects. This fame is owed to Google’s liveliness in making its services stable and trustworthy. The Google Play Store scan apps on a daily basis and often removes the obsolete ones. Not just this, but the best-designed security APIs called Android SafetyNet is also one of the major reasons to conjecture the Android platform as ideal for application users as well as developers.
SafetyNet from Google offers a complete suite of features to keep the Android ecosystem in check. The set of services and APIs from SafetyNet are incredibly focused on safety which when tied with an application opens up a new realm of opportunities to safeguard the app against security threats. This blog post explains the check mechanisms inside the SafetyNet system, the easiest way to use it with your application and share some recommendations regarding app integrity verification but note that SafetyNet is not just limited to the pointers described here. In this blog, what we focus mainly on is the most commonly used SafetyNet Attestation API.
SafetyNet is a simple and scalable solution from Google to verify device compatibility and security. For app developers having concerns about their application’s security, Google trusts its Android SafetyNet will be the right answer. With a strong emphasis on security, SafetyNet essentially protects the sensitive data within an application and helps preserve user trust as well as device integrity. SafetyNet is a part of Google Play Services and is independent of the device manufacturer. Therefore, it requires Google Play Services to be enabled on the device for the API to function smoothly.
The hardware-based attestation with SafetyNet helps in determining whether the application could work as expected on the Android gadget. SafetyNet works in combination with the snet service on Android devices which collects data about the integrity of the device and constantly ping Google about the safety status of the device. However, SafetyNet is provided as an optional service for application developers. It’s ideal to integrate SafetyNet into any app but it’s particularly important to run it on apps handling confidential data and enable the option to remotely evaluate the device’s health status. The list includes apps for automation, payment gateway apps, chat clients, e-commerce, gaming apps, and apps complying with security standards like HIPAA.
As Google provides Android as an open source platform, chances are high that the hackers can easily target the data residing on an Android app. The earlier app security measures were confined to emulator detection, checks for rooting and instrumentation tools, etc. But mobile app security checks now involve more inventory collection leaving out hackers much confused about the method used for checking. SafetyNet also works on this principle.
Google offers many other options like application sandboxing, encryption, app-based permissions and so on to secularize apps but none of them are considered as an all-inclusive solution. For instance, a sandbox can be easily broken out through device rooting or using intelligent malicious codes. Using SafetyNet services it’s possible to build secure apps that refuse to run on such tampered device environments.
Being a tamper detection framework, SafetyNet Attestation API is the most popular API often used as a vital part of any mobile app security approach.
SafetyNet Attestation is simply device and app attestation done remotely. It is an anti-abuse API which when added with the abuse detection system of an app checks whether it is running on a genuine Android gadget. The app security mechanism checks the device’s hardware and software environment to create a cryptographically signed attestation.
The API determines the integrity issues on the device and compares the corresponding device profile against the whitelisted device models having Google-approved device profiles. The software backed and hardware-based device profile can be considered compatible only if it matches up with any of the approved profiles in the reference list. A device is considered as approved by Google if it passes the Android Compatibility Test Suite (CTS). Thus, by comparing the device profile against the CTS standards, the API verifies the following:
Rooting grants escalated privileges to users and allows them to circumvent certain security features built into the Android OS. Root privileges allow users to modify the OS and install unsafe software which is not granted by the device manufacturer. This results in malware attacks and effective breaching of sensitive data from the gadget. Devices running custom ROMs are also vulnerable to similar attacks. The data on such devices may not back up securely. Moreover, such unsecured devices may not get Android system updates or run Android features as expected. So, it is critical to check the device integrity before allowing an app to run on an Android gadget.
It’s difficult to build a reliable root/tamper detection system as some checks can be easily bypassed but with Android SafetyNet Attestation API the process is absolutely simple. The hackers cannot simply fake the data if the tamper detection method used is Android SafetyNet attestation API as Google leaves no trace of how the checks are being implemented. By identifying devices which are currently in the non-tampered state the API provides an assurance that the device on which the app is running is neither rooted nor using a custom ROM.
Software protection controls are also vital to protect an app’s data. Client-side protection has its own benefits when employed in the right manner. It checks the app’s integrity and makes sure that the data within the app is never compromised.
The SafetyNet Attestation API uses the following steps to prevent an app from running on devices which are altered, infected, rooted, or unrecognized:
The SafetyNet attestation API returns two parameters: One for basic integrity and the other for the CTS profile match. The basicIntegrity parameter provides information on the integrity of the device whereas the ctsProfileMatch parameter gives you a signal about the compatibility of the device. Rooted devices, virtual devices, and emulators generally fail basic integrity while uncertified devices, devices with custom ROM and unlocked bootloader fails the CTS profile match. The value of both these parameters varies according to the health status of the device.
|Device status marker||basicIntegrity||ctsProfileMatch|
|Certified, genuine device that passes CTS||true||true|
|Certified device with an unlocked bootloader||true||false|
|Genuine but uncertified device, such as when the manufacturer doesn’t apply for certification||true||false|
|Device with custom ROM (not rooted)||true||false|
|No device (protocol emulator script)||false||false|
|Signs of system integrity compromise, such as rooting||false||false|
|Signs of other active attacks, such as API hooking||false||false|
SafetyNet Attestation API can be incorporated into an EMMs DPC to check the integrity of the devices to be managed. The attestation helps EMMs to confirm whether an already enrolled device or a device to be enrolled is tamper-free. It’s highly imperative to opt for an EMM solution supporting SafetyNet Attestation to validate the genuinely of managed devices. SafetyNet Attestation API is an important management tool Hexnode will be enabling soon for its customers.
The EMM console implements the SafetyNet attestation API, checks for the device’s health status and if a gadget is found compromised necessary actions will be taken for further protection. A tampered device will be marked as non-compliant by the EMM and will be reported as same in the EMM portal. Admins will be notified via email that the particular device is found as incompatible. Further, there are measures to choose the level of attestation needed for the device and the compliance action to be taken when the attestation is failed. That is, for an employee-owned device, admin can choose between a basic level attestation or an advanced check according to the use case and decide the compliance actions as required so as to protect employee privacy.
Android SafetyNet empowers developers to fabricate apps with inbuilt application integrity security control to deal with hazardous working environments. When integrated with an EMM solution SafetyNet empowers Android management services to deliver delightful experiences, rocketing the overall device management to the next level.