From ride-hailing, navigation and mobile travel
To gaming, streaming, and social media
Mobile apps have become indispensable in daily life
But increased convenience puts sensitive user data at risk
HMS Core Safety Detect offers unique protections
For comprehensive app security with little effort!
What Is Safety Detect?
Safety Detect is an open multi-dimensional security detection service offered by Huawei, that helps developers bolster app security capabilities, based on the Trusted Execution Environment (TEE) on Huawei phones, without compromising user experience.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
System Integrity Check (SysIntegrity)
SysIntegrity is capable of checking whether the user device is rooted, unlocked, or escalated for higher permissions, and uses this information to help you determine how and when to restrict your app's behavior to avoid potential leaking of sensitive user information or financial information.
A unique advantage of SysIntegrity is that it is based on the TEE OS, which is built into every Huawei phone (running EMUI 9.0 or later). The TEE OS comes with Huawei's in-house microkernel, which has achieved the prestigious CC EAL 5+ certification, and is the first solution of its kind to pass formal verification. Having integrated SysIntegrity, it can isolate apps for bolstered protection, and provide independent privacy security protection services. For example, services with high security requirements, such as the payment services, are provided with the appropriate level of protection in the TEE OS.
App Security Check (AppsCheck)
When your app has integrated AppsCheck, it can obtain a list of malicious apps on the user's device, which provides a strong basis for high-level risk analysis (for risky/virus-infected apps). Users are then warned of the presence of any risks on your app, or prompted to exit your app. According to the three largest global virus evaluation agencies, AppsCheck can detect malicious apps with a staggering accuracy rate of 99%.
Malicious URL Check (URLCheck)
With URLCheck, your app can determine whether a visited URL contains phishing or malware apps. The check strikes the optimal balance between performance and timeliness, and is capable of detecting a wide range of malicious URLs, such as phishing and Trojan-infested URLs. URLCheck is easy to integrate into your app, and provides trusted, operation-free security services, reducing the costs associated with developing secure browsing services.
Fake User Detection (UserDetect)
Fake user detection is critical for app operations, as the presence of fake operations such as game bots, activity bonus hunting, and malicious spamming, can give your app a bad reputation. UserDetect can identify spoofed devices, based on the device signature and identifier, and identity relevant environmental risks, such as roots, simulators, VMs, device change tools, and anonymous IP addresses. It can also recognize fake users based on screen touch and sensor behavior, as well as prevent batch registration, credential stuffing attacks, bonus hunting, and content crawlers. These safeguards provide your app's users with unmatched peace of mind.
Many popular apps have integrated Safety Detect, such as the app for International News Agency and Radio Sputnik, APUS, a popular browser in India and Southeast Asia, and 1998 Camera in Vietnam.
How Can I Integrate HUAWEI Safety Detect?
Each of the four functions in Safety Detect has a dedicated API that is easy to integrate. For guidance during the integration process, please refer to the HUAWEI Developers website, where you will find the integration guide and other resources for reference, or acquire your answers from HUAWEI Developer Forum.
* HMS Core 4.0 courses produced by HUAWEI Developers are now available on Huawei official channels, including Video Center on HUAWEI Developers.
Related
Konstantin Stepanenko, Chief Product Officer at the Russian company CardsMobile, shared with developers the success story of CardsMobile's leading wallet app Koshelek which cooperates with Huawei's HMS ecosystem. By integrating the open capabilities of Huawei's HMS Core, Koshelek's e-payment efficiency is greatly improved and payment security is ensured.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Digitalization of Cards with Koshelek
Back in 2013, CardsMobile launched its first Near Field Communication (NFC) payment project. Today, Koshelek has established partnerships with most top retailers in Russia and can now digitalize physical cards that have already been issued and directly issue new virtual mobile cards within the app. For newly issued in-app cards, Koshelek can also aggregate various account details provided by partners, such as the reward balance and personal discounts.
In order to support bank cards in Koshelek, CardsMobile teamed up with Mastercard and Visa's international payment systems, and received an international license to manage tokenization and transactions for cards of any banks connected via Mastercard MDES and Visa VTS. Konstantin, Chief Product Officer at CardsMobile and the developer of Koshelek, attributed the seamless and smooth payment services on new Huawei smartphones to HMS.
The premium payment experience brought by the cooperation with Huawei HMS has instilled confidence in CardsMobile's further development. As part of its plan to deepen the integration with HMS Core, Konstantin said that CardsMobile has aimed to create a unified payment experience on Huawei smartphones using HUAWEI IDs. Meanwhile, CardsMobile has devoted itself to explore different ways to implement its payment platform on Huawei smartphones and Huawei's other smart devices.
HUAWEI Safety Detect Service Protects User Data
Koshelek allows users to digitalize and store their wallets and personal cards in the app, which involves security issues of sensitive user data in the industry.
Koshelek creates a separate user profile for each user to store user information. In this way, users won't need to enter their information twice, which improves the card issuance efficiency. Koshelek also generates a dynamic bar code based on the algorithm provided by a partner retailer, which many retailers use to authenticate loyalty members.
To prevent security risks caused by attacks on user information and credentials, CardsMobile makes HUAWEI Safety Detect an important element of mobile app operations, which is an effective way of detecting interference.
For example, when a user uses an electronic credit card account such as Visa or MasterCard in Koshelek, the user will need to enter a card verification code (CVC) to check the system environment safety of the device. If Koshelek's safety detection system which integrates HUAWEI Safety Detect indicates that the device system environment fails the SysIntegrity detection, Koshelek will not allow the user to use the app on that device so as to ensure transaction security.
In addition to the SysIntegrity detection, HUAWEI Safety Detect also provides fake user detection (UserDetect), app security check (AppsCheck), malicious URL check (URLCheck), and malicious Wi-Fi detection (WifiDetect) functions to quickly determine whether the device system has been maliciously attacked, rooted, or unlocked. In this way, users can be informed of risks or have their behavior restricted so as to protect user privacy and fund security.
Nikolay finished by thanking Huawei for providing high-quality functions and services via the HMS ecosystem. "We thank Huawei for providing new opportunities for developers. It was the introduction of the Safety Detect service that enabled our company to develop a technical solution able to satisfy all the international payment systems' requirements and to provide resources for all Russian users of new Huawei devices to tokenize bank cards and conduct contactless NFC payments."
Future: dedicated to providing globally unparalleled payment services
CardsMobile aims to provide users with globally unparalleled payment services through in-depth cooperation with HMS, and to lead the industry and market in terms of security, service quality, and convenience.
Overview
DStv Now is a popular entertainment app owned by Multichoice in Africa. It enables users to watch their favorite video content online or through offline caching. Because the app's developer is committed to providing secure and reliable digital video content to users, they integrated two HUAWEI Safety Detect functions: system integrity check (SysIntegrity) and app security check (AppsCheck). This helped DStv Now to improve video smoothness.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Challenges
Ensuring the security of an app's running environment is critical to both providing a risk-free user experience and protecting video content. Malicious apps on user devices pose security threats to user accounts and personal information. Knowing this, DStv Now's developer decided that integrating security check capabilities was vital to evaluating the security of devices' environments.
DStv's Technical Director said: "We continuously optimize our app to adapt to different devices. However, we still need to ensure that our app runs on certified devices, to comply with the requirements of some content providers, and offers users a smooth streaming experience."
Solution
Safety Detect is a multi-dimensional open security detection service offered by Huawei. It provides a range of functions, such as SysIntegrity and AppsCheck, to help apps quickly build security capabilities which protect user privacy and security. DStv's Technical Director said, "Safety Detect helps us check whether a device is certified and ensure that the device has not been tampered with." DStv Now calls SysIntegrity and AppsCheck whenever a user registers an account, watches a video online, or caches a video in the app.
SysIntegrity, which is based on a Trusted Execution Environment (TEE) and digital certificate signature, helps DStv Now check whether the device running the app is secure, for example, whether the device has been rooted. AppsCheck helps DStv Now obtain a list of malicious apps on devices on which it has been installed. If risks are detected during this process, DStv Now can determine whether to restrict the app's functionality, or provide a warning to the user. "Using Safety Detect has helped us improve app security and ensure that users only use our app on certified devices", said the Technical Director of DStv Now. "This helps us root out piracy and ensure that streaming and video playback are done on devices certified by our content providers." The director went on to say, "It also helps us deliver a smooth user experience as we can develop our features based on certified devices, without worrying that our app is catering to tampered devices."
HUAWEI Safety Detect meets DStv Now's security check requirements and enables the app to provide more secure and reliable video content. The technical director said, "After integrating the SysIntegrity and AppsCheck functions, the video smoothness is assured."
Results
Video smoothness is assured.
User accounts are more secure.
Video playback is more secure.
Overview
Koshelek is a leading electronic payment app developed by Cardsmobile in Russia. Users can add their bank cards to the app for convenient payments. By integrating the SysIntegrity (system integrity check) function in HUAWEI Safety Detect, Koshelek has made electronic payments more secure, and reduced the instances of credit card fraud resulting from device system environment risks.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Challenges
To ensure payment security, the Koshelek app needs to ensure that users' devices used for payment are secure. Any risks, such as if the device is rooted or unlocked, can pose a threat to the users' personal privacy information, transactions, and passwords. Therefore, the development team of Koshelek needs to implement security detection capabilities which would enable the app to evaluate device environment security.
There is another reason why data security is of the utmost importance for the Koshelek app. "We create user profiles which we use to store user and credit card information", said Nikolay Ashanin, Cardsmobile's Chief of Mobile Development. "It is therefore imperative that all user data is completely secure."
Solution
HUAWEI Safety Detect is a multi-dimensional, open security detection service. It provides functions such as SysIntegrity to help apps quickly build security capabilities and protect users' privacy and security.
"We consider Safety Detect to be one of the main elements of our app protection system", said Nikolay Ashanin. By integrating the SysIntegrity function, the Koshelek app is able to evaluate the security of a user's device environment when the user is making payments.
If the user's device does not pass the SysIntegrity check, Koshelek can inform the user that their device is at risk, and prevent them from proceeding. This protects the user's account security, personal information, and transactions. "Safety Detect has enabled our company to develop a technical solution that satisfies the requirements of the international payment system", Nikolay Ashanin said, "HUAWEI Safety Detect has made the development process more efficient and convenient."
SysIntegrity meets Koshelek's requirements for security detection capabilities which are applicable to payments and transactions. It helps the app deliver secure bank card token services that meet international payment requirements. "After we integrated SysIntegrity, we saw that instances of credit card fraud resulting from device system environment risks was reduced", said Nikolay Ashanin.
Results
Credit card fraud instances resulting from device system environment risks were reduced.
The Koshelek app is able to satisfy international payment system requirements.
Can it be used with Visa, Mastercard and American Express ?
Overview
iCard is a popular mobile wallet app in Bulgaria. Backed by over 12 years of industry experience and a large user base, iCard provides services such as bank card management, collection and payment, international transfers, and foreign currency exchange for more than 30 countries and regions in Europe. How to ensure user account and transaction security and prevent itself from being attacked on risky devices have always been the key challenges of iCard.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Challenges
Risky devices undoubtedly affect app systems and users alike. Martin Dimitrov, head of mobile development team in iCard, said, "Jailbreak and root processes essentially alter the operating system and its security level. The more change that the operating system tolerates, the greater the likelihood that a legitimate app will be vulnerable after a device is jailbroken or rooted."
If a user is unaware that their device has been tampered with and signs in to and uses an app on the device, their account and personal data may be at risk and it can be difficult to check the system integrity of devices. iCard needs to integrate a powerful detection capability to check whether the device running the app is risky.
Solution – integrating SysIntegrity API
Fortunately, by integrating the SysIntegrity API of HUAWEI HMS Core Safety Detect Kit, iCard can quickly check whether the device is secure or rooted during user sign-in. SysIntegrity is free for developers to use and works using the Trusted Execution Environment (TEE), and helps app developers build security capabilities to protect user privacy and app security through tamper-proof and reliable check results.
Risk prevention, starting from App login
Martin Dimitrov said, "With SysIntegrity integrated, our app can detect risks once a user signs in to it on a rooted device, and it will then show a security warning to notify the user of possible risks, such as financial losses and information leaks." Furthermore, it only takes 1 person-day to integrate SysIntegrity.
(iCard app displays a message indicating that the phone is risky.)
Martin Dimitrov added, "After integrating SysIntegrity, the instances of risky sign-in on rooted phones have been reduced by around 10% which is a really good number. And we can also make the development process more convenient and efficient."
Results
The instances of risky sign-in on rooted devices reduced by about 10%.
User accounts and transactions are now well safeguarded.
Find out more on:
Huawei developers official page
Experience the easy-integration process on Codelabs
Submit a trouble ticket online for any problems during integration
Rediit: https://www.reddit.com/r/HuaweiDevelopers/
Github: https://github.com/HMS-Core/hms-safetydetect-demo-android
Stack Overflow: https://stackoverflow.com/questions/tagged/huawei-mobile-services?tab=Newest
Very interesting Security.
KBZPay is Myanmar's fastest growing mobile wallet app, enabling millions of people to store, transfer, and spend money directly from their smartphones. KBZPay is powered by KBZ Bank, a bank with a 40% market share in the domestic retail and commercial banking sectors. Moving into the digital age, KBZ Bank has worked with Huawei for years to build digital financial infrastructure and services for its users nationwide.
The Challenges
Mobile banking is balanced on three main demands: performance, convenience, and security. To move with future trends, KBZPay wants to provide the ultimate user experience built on trust and loyalty. This app is dedicated to delivering convenience to users, and ensuring that users know their private financial information is secure.
Specifically, users want hardened security for services like changing PIN or applying for a loan, and a streamlined process for verification, which was inconvenient. In most cases, users needed to call or even go to their bank in person for account verification.
In addition, KBZ Bank wanted to better leverage its internal resources, preventing them from being restrained by any limits.
Why HMS Core ML Kit
To improve their product portfolio, KBZPay browsed the offerings on HMS Core ML Kit, a toolkit with various machine learning capabilities. KBZPay settled on the liveness detection function, which captures and verifies user face data to determine whether a face is real or is a fake.
This function offers a range of features, including:
● Accurate verification: During the testing and implementation phases, liveness detection proved to be 99% accurate in identifying and verifying faces, helping to protect user accounts.
● Integrate once, use everywhere: Liveness detection enables users to change pins and passwords without calling or visiting KBZ Bank, ensuring higher UX.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
The Benefits
The liveness detection function makes verification much easier, allowing users to complete verification swiftly. KBZPay users can now verify their identity anywhere, anytime through the app which is secure against fake face attacks and does not require the user to take additional actions.
This cooperation between KBZPay and Huawei signals the first banking app in Myanmar to implement liveness detection from ML Kit. Looking forward, KBZPay plans to work with Huawei into other key scenarios, like login and loan applications.
Discover more Developer Stories and how you can grow with Huawei.
Explore more opportunities with Huawei at our Ecosystem Partners Website.