App Ray Anti-virus Security

Applications uploaded to Kobiton devices, whether they exist in the App Repository or are uploaded for a single test, go through a security review process to ensure they are safe to upload to a device. The security check is activated by:

  • Binary files downloaded from the Internet. Files downloaded on a device are scanned for viruses before they are transferred onto the device. If malware is found, an error will indicate the file can't be served due to a virus threat.

  • Application files. Applications installed through the App Repository, or ad-hoc files uploaded by the user or from an external URL, are scanned by App-Ray to identify security vulnerabilities.

If an application fails the security check, it will not be installed on a Kobiton device. 

Note: Applications detected with high-risk behavior will be blocked within 2 days, which allows Business subscription users to keep testing while waiting for anti-virus scanning approval from the security team.

Applications with security threats detected in a trial subscription will be removed immediately. 

Security Threats

This list outlines the types of threats an application will be blocked for once detected: 

| Threat type | Threat description | Severity | Requires Kobiton approval |
|---|---|---|---|
| BINARY_BUSYBOX | app accesses the busybox binary | High | Yes |
| BINARY_SU | app accesses the su binary | High | Yes |
| DEVICEADMIN | app contains a Broadcast Receiver that can acquire device admin rights | High | Yes |
| FACTORYTEST | app has the FACTORY_TEST permission set | High | Yes |
| VIRUS | Virus scanners recognize this as malicious | High | Yes |
| INITIATE_PHONECALLS | app can silently initiate phone calls | High | Yes |
| READ_LOGS | app is able to read the system log files | High | Yes |
| READ_TASKS | app checks other applications that are running | High | Yes |
| SEND_SMS | app can silently send SMS | High | Yes |
| SQL_FLAW | Potential SQL injections found in X places | High | Yes |
| ACCESS_FILES_OTHER_APP | app accesses files of another app | Minor | No |
| ADS_DYNAMIC | X ad libraries are referenced | Minor | No |
| ADS_STATIC | X ad servers are contacted | Minor | No |
| AUTOSTART | app can start automatically when the device is booted | Minor | No |
| BACKUP_ALLOWED | Backup is allowed | Minor | No |
| BACKUP_SELFIMPLEMENTED | app handles Android backups | Minor | No |
| BLUETOOTH_ADMIN | app uses Bluetooth and may initiate device discovery | Minor | No |
| BLUETOOTH_USED | app uses Bluetooth | Minor | No |
| CAMERA_USED | app uses the camera | Minor | No |
| CAPABILITYLEAK | X capability leaks detected | Minor | No |
| CONTACTS_READ | app can read contact data | Minor | No |
| CONTACTS_WRITE | app can write contact data | Minor | No |
| CRYPTO_SIGNING_KEYLENGTH_LOW | Signature key length is less than 1024 bits | Minor | No |
| DATAFLOW_STATIC | Static data leakage detected | Minor | No |
| DEBUGGABLE | Debuggable flag set. Sensitive information might be accessible | Minor | No |
| DISABLE_KEYGUARD | app can silently unlock the screen | Minor | No |
| DYNAMICCODE | This app loads code dynamically | Minor | No |
| FINGERPRINTING | The app can fingerprint the runtime environment | Minor | No |
| FRAMEBUFFER | app has access to the framebuffer | Minor | No |
| HTTP_COMMUNICATION_DYNAMIC | app communicates over HTTP | Minor | No |
| HTTP_COMMUNICATION_STATIC | app communicates over HTTP | Minor | No |
| LEFTKEY | app contains X access keys to web services or APIs | Minor | No |
| LOCATION_COARSE | app accesses your coarse location | Minor | No |
| LOCATION_GPS | app accesses your GPS location | Minor | No |
| LOCATION_WIFISTATE | app accesses your WiFi state, which can potentially leak your location | Minor | No |
| MISSING_TAPJACKING_PROTECTION | Missing TapJacking protection | Minor | No |
| NATIVELIBS | app contains native executables | Minor | No |
| NESTEDAPK_ACCESSED | App-Ray cached a possible .apk file that was accessed at runtime, download | Minor | No |
| NESTEDAPK_CONTAINED | app's .apk contains one or more nested APKs | Minor | No |
| OVERPERMISSIVE | X permissions are requested but might not be required | Minor | No |
| PASSWORD_READ | The app reads account passwords | Minor | No |
| PAYMENT_STATIC | The app contains the in-app payment libraries | Minor | No |
| PROFILE_READ | app can read user profiles | Minor | No |
| PROFILE_WRITE | app can write user profiles | Minor | No |
| READ_EXTERNAL_STORAGE | app can read the contents of the SD card | Minor | No |

 

How to request bypass approval for risk apps

If an application is flagged with a security threat, you can submit a bypass request which will notify the Kobiton security team for a check. 

Support for bypassing the scanning process for Trial and Business accounts is available at the Organization level. In other words, once a bypass scanning request is approved, App-Ray scanning will be turned off for all your uploaded applications.

Note: We recommend that trial users contact sales in order to shut off scanning for the whole organization.

From Apps repository

  1. Go to the Apps tab on the Kobiton portal website

  2. Select Click to add new app to add an application

  3. Refresh the page to check the security status at the top-left corner of the app

  4. Select Apps with High risk status

  5. Click the ellipses drop-down menu at the top-right corner and select View security risks 

  6. Fill in the required information on the Submit bypass request form and click Request to bypass

  7. Once the bypass is reviewed, you'll be notified by email about the application's status.

From manual test session

  1. Launch a device from the Devices tab on the Kobiton portal

  2. On the Apps tab, click Choose file

  3. Select an application. Applications with security threats will display an error message i

  4. On the error message, click View Detail 

  5. Fill in the required information on the Submit bypass request form and click Request to bypass

  6. After the bypass request is sent, the application will appear in the Kobiton apps repository, but will have a security approval pending status until the bypass is approved.

    For Trial and Business users, other versions of the applications will also be approved to bypass the antivirus scanning once the application is approved at the Organization level.
