Overview
DStv Now is a popular entertainment app owned by Multichoice in Africa. It enables users to watch their favorite video content online or through offline caching. Because the app's developer is committed to providing secure and reliable digital video content to users, they integrated two HUAWEI Safety Detect functions: system integrity check (SysIntegrity) and app security check (AppsCheck). This helped DStv Now to improve video smoothness.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Challenges
Ensuring the security of an app's running environment is critical to both providing a risk-free user experience and protecting video content. Malicious apps on user devices pose security threats to user accounts and personal information. Knowing this, DStv Now's developer decided that integrating security check capabilities was vital to evaluating the security of devices' environments.
DStv's Technical Director said: "We continuously optimize our app to adapt to different devices. However, we still need to ensure that our app runs on certified devices, to comply with the requirements of some content providers, and offers users a smooth streaming experience."
Solution
Safety Detect is a multi-dimensional open security detection service offered by Huawei. It provides a range of functions, such as SysIntegrity and AppsCheck, to help apps quickly build security capabilities which protect user privacy and security. DStv's Technical Director said, "Safety Detect helps us check whether a device is certified and ensure that the device has not been tampered with." DStv Now calls SysIntegrity and AppsCheck whenever a user registers an account, watches a video online, or caches a video in the app.
SysIntegrity, which is based on a Trusted Execution Environment (TEE) and digital certificate signature, helps DStv Now check whether the device running the app is secure, for example, whether the device has been rooted. AppsCheck helps DStv Now obtain a list of malicious apps on devices on which it has been installed. If risks are detected during this process, DStv Now can determine whether to restrict the app's functionality, or provide a warning to the user. "Using Safety Detect has helped us improve app security and ensure that users only use our app on certified devices", said the Technical Director of DStv Now. "This helps us root out piracy and ensure that streaming and video playback are done on devices certified by our content providers." The director went on to say, "It also helps us deliver a smooth user experience as we can develop our features based on certified devices, without worrying that our app is catering to tampered devices."
HUAWEI Safety Detect meets DStv Now's security check requirements and enables the app to provide more secure and reliable video content. The technical director said, "After integrating the SysIntegrity and AppsCheck functions, the video smoothness is assured."
Results
Video smoothness is assured.
User accounts are more secure.
Video playback is more secure.
Related
From ride-hailing, navigation and mobile travel
To gaming, streaming, and social media
Mobile apps have become indispensable in daily life
But increased convenience puts sensitive user data at risk
HMS Core Safety Detect offers unique protections
For comprehensive app security with little effort!
What Is Safety Detect?
Safety Detect is an open multi-dimensional security detection service offered by Huawei, that helps developers bolster app security capabilities, based on the Trusted Execution Environment (TEE) on Huawei phones, without compromising user experience.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
System Integrity Check (SysIntegrity)
SysIntegrity is capable of checking whether the user device is rooted, unlocked, or escalated for higher permissions, and uses this information to help you determine how and when to restrict your app's behavior to avoid potential leaking of sensitive user information or financial information.
A unique advantage of SysIntegrity is that it is based on the TEE OS, which is built into every Huawei phone (running EMUI 9.0 or later). The TEE OS comes with Huawei's in-house microkernel, which has achieved the prestigious CC EAL 5+ certification, and is the first solution of its kind to pass formal verification. Having integrated SysIntegrity, it can isolate apps for bolstered protection, and provide independent privacy security protection services. For example, services with high security requirements, such as the payment services, are provided with the appropriate level of protection in the TEE OS.
App Security Check (AppsCheck)
When your app has integrated AppsCheck, it can obtain a list of malicious apps on the user's device, which provides a strong basis for high-level risk analysis (for risky/virus-infected apps). Users are then warned of the presence of any risks on your app, or prompted to exit your app. According to the three largest global virus evaluation agencies, AppsCheck can detect malicious apps with a staggering accuracy rate of 99%.
Malicious URL Check (URLCheck)
With URLCheck, your app can determine whether a visited URL contains phishing or malware apps. The check strikes the optimal balance between performance and timeliness, and is capable of detecting a wide range of malicious URLs, such as phishing and Trojan-infested URLs. URLCheck is easy to integrate into your app, and provides trusted, operation-free security services, reducing the costs associated with developing secure browsing services.
Fake User Detection (UserDetect)
Fake user detection is critical for app operations, as the presence of fake operations such as game bots, activity bonus hunting, and malicious spamming, can give your app a bad reputation. UserDetect can identify spoofed devices, based on the device signature and identifier, and identity relevant environmental risks, such as roots, simulators, VMs, device change tools, and anonymous IP addresses. It can also recognize fake users based on screen touch and sensor behavior, as well as prevent batch registration, credential stuffing attacks, bonus hunting, and content crawlers. These safeguards provide your app's users with unmatched peace of mind.
Many popular apps have integrated Safety Detect, such as the app for International News Agency and Radio Sputnik, APUS, a popular browser in India and Southeast Asia, and 1998 Camera in Vietnam.
How Can I Integrate HUAWEI Safety Detect?
Each of the four functions in Safety Detect has a dedicated API that is easy to integrate. For guidance during the integration process, please refer to the HUAWEI Developers website, where you will find the integration guide and other resources for reference, or acquire your answers from HUAWEI Developer Forum.
* HMS Core 4.0 courses produced by HUAWEI Developers are now available on Huawei official channels, including Video Center on HUAWEI Developers.
More information about this, you can visit HUAWEI Developer Forum
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
DStv Now is an entertainment app developed by Multichoice for the African market. Users can use it on a wide range of devices encompassing mobile devices, set-top boxes (STBs), game consoles, desktop computers, and smart TVs anytime, anywhere. DStv Now is dedicated to providing secure and reliable digital video content to both individual and family users.
It partners with HUAWEI AppGallery to build more secure and smoother video playback experience for Huawei device users, enabling users to entertain themselves anytime and anywhere. On DStv Now, Huawei device users can download live TV programs for offline playback, find their favorite TV series, movies, and sports events, and choose from local and international channels covering entertainment, news, music, lifestyle, and more.
HUAWEI AppGallery can provide featured and abundant global and local apps for about 650 million Huawei device users in over 170 countries and regions. Multichoice has always been bearing privacy protection and app security in mind when designing, developing, and operating DStv Now, dedicated to providing secure services for users.
DStv Now Integrated AppGallery Connect Safety Detect
Users are concerned about app security, and therefore it is significant for developers to ensure that their apps are secure and reliable. DStv Now is a typical entertainment app released on HUAWEI AppGallery. By leveraging the powerful capabilities of AppGallery Connect Safety Detect, its security has been improved greatly.
Safety Detect is a multi-dimensional open security detection service launched by HUAWEI AppGallery Connect. It detects system integrity, app security, malicious URLs, and fake user accounts, helping quickly build security for diverse apps including entertainment, finance, game, social, and shopping apps.
According to the feedback from the DStv Now's engineering leader, both the video playback experience and security of DStv Now have been improved since the integration with AppGallery Connect Safety Detect.
Safety Detect works in the following scenarios for DStv Now:
1. A user starts watching a video.
2. A user registers a device to allow video playback on this device.
3. A user downloads video content for offline playback.
Advantages:
The engineering leader of DStv Now said that "Using Safety Detect has helped with security and to gain assurance that our clients are using our app on certified devices. This helps root out piracy and assurance that streaming and video playback is being done on devices that are approved by our content providers. It also helps with ensuring a smooth user experience as we develop our features based on certified devices without the worry of catering to user modified devices."
In addition, DStv Now also leveraged HUAWEI AppGallery Connect Advanced Analytics to better understand user requirements, optimize functions, and provide users with more diversified and refined video content and higher-quality services. As one of the top three app stores in the world, HUAWEI AppGallery has an MAU of 460 million and looks forward to working with more global developers to provide secure and high-quality services for users in over 170 countries/regions around the world.
To download DStv Now, visit AppGallery now. For more information, please visit::
https://consumer.huawei.com/en/mobileservices/appgallery/
Overview
Daily Clean Master is a cleaning app. It quickly rids user's devices of unneeded cached data, junk documents, and residual app files, thereby boosting response times and battery life, and making space for more important data. Now that Daily Clean Master has integrated SynsIntegrity, it has improved its identification rate of fake users created by simulators by 15%, and block fake users with its anti-cheat system effectively.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Challenges
Most apps need to advertise to acquire users, but if an advertising channel yields mainly fake users, its conversion rate will be very low. Daily Clean Master wanted to identify which of the users acquired through their ads were fake.
"If we can determine the proportion of fake users before settling bills with advertisers, we can greatly reduce waste from our marketing budget." said the technical director of Daily Clean Master. "We have already built a mature digital operations framework to improve our user conversion rate and overall efficiency, but in terms of analyzing device information, such as which devices are real, which are simulators, and which are rooted or unlocked devices, we need to take use of identification strengths of the device vendors."
Solutions
By integrating HUAWEI Safety Detect, Daily Clean Master has greatly enhanced its digital operations. The service provides functions such as SynsIntegrity, which plays an important role in identifying fake users. It works by checking the system integrity of users acquired through ads when they are downloading the app and registering an account. During this process, it determines whether the user's device is secure, for example, whether it is rooted, unlocked, or a simulator.
If fake users from simulators are identified, the app's operations team can block them, or ask the advertiser to enhance advertising, reducing waste of the marketing budget. The app can also prevent a user from proceeding if it identifies any security risks on the user's device, for example, the device has been rooted or unlocked, preventing possible risks to the app and improving the app's security.
Safety Detect has helped Daily Clean Master to refine its promotional campaigns and operations. "Safety Detect's SysIntegrity function helps us analyze the proportion of fake users we are getting, so we can systematically monitor our marketing activities at each stage of the journey." said the technical director of Daily Clean Master. "According to our analysis, SysIntegrity helps our app improve the identification rate of fake users from simulators by 15%." the director added.
Result
The app improved the identification rate of fake users from simulators by 15%.
More details like this, https://forums.developer.huawei.com/forumPortal/en/forum/hms-core
Nice boost.
Wdym by fake users?
Overview
International News Agency and Radio Sputnik is a news agency with international reputation. Its news app Sputnik offers high-quality, international news stories covering breaking news, major events, in-depth reports, online video ads, and exclusive interviews. After Sputnik integrated the SysIntegrity function, it improved its detection rate for malicious reviews by 14%.
Challenges
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Dmitry Priemov, head of mobile from Sputnik, said, "We have found malicious attacks on Sputnik's ads. So we started to block users of the app with changed signature, because it definitely means that APK was modified to remove the ads." He added, "We also needed to quickly determine whether the malicious reviews of our app have been posted from devices with a changed signature."
Solution
"We regard system integrity as an important part of evaluating device risks." said Dmitry Priemov. HUAWEI Safety Detect is a multi-dimensional open security detection service. Its SysIntegrity function helps app developers quickly build security capabilities which protect user privacy and app security. "By integrating SysIntegrity, we have clear understanding whether the app is running on rooted device." Dmitry Priemov said.
SysIntegrity works using the Trusted Execution Environment (TEE) and digital signing certificate. It helps Sputnik check whether the device running the app is secure, and detects security risks such as if the device has been rooted. If risks are detected, the app can restrict that device from using certain functions, which prevents the malicious cracking of in-app ads. In addition, with SysIntegrity, the app can skip malicious reviews from some users, just as Dmitry Priemov said, "Our support team just skips any claims from such users or replies them that they have to format their devices and reinstall the app from official store."
Dmitry Priemov said, "Since integrating SysIntegrity, Sputnik has improved its detection rate for malicious reviews by 14%."
Result
Sputnik has improved its detection rate for malicious reviews by 14%.
You can find out more on the following pages:
Huawei developers official page:
SysIntegrity API intro:
Experience the easy-integration process on Codelabs
Rediit: https://www.reddit.com/r/HuaweiDevelopers/
Github: https://github.com/HMS-Core/hms-safetydetect-demo-android
Stack Overflow: https://stackoverflow.com/questions/tagged/huawei-mobile-services?tab=Newest
Overview
iCard is a popular mobile wallet app in Bulgaria. Backed by over 12 years of industry experience and a large user base, iCard provides services such as bank card management, collection and payment, international transfers, and foreign currency exchange for more than 30 countries and regions in Europe. How to ensure user account and transaction security and prevent itself from being attacked on risky devices have always been the key challenges of iCard.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Challenges
Risky devices undoubtedly affect app systems and users alike. Martin Dimitrov, head of mobile development team in iCard, said, "Jailbreak and root processes essentially alter the operating system and its security level. The more change that the operating system tolerates, the greater the likelihood that a legitimate app will be vulnerable after a device is jailbroken or rooted."
If a user is unaware that their device has been tampered with and signs in to and uses an app on the device, their account and personal data may be at risk and it can be difficult to check the system integrity of devices. iCard needs to integrate a powerful detection capability to check whether the device running the app is risky.
Solution – integrating SysIntegrity API
Fortunately, by integrating the SysIntegrity API of HUAWEI HMS Core Safety Detect Kit, iCard can quickly check whether the device is secure or rooted during user sign-in. SysIntegrity is free for developers to use and works using the Trusted Execution Environment (TEE), and helps app developers build security capabilities to protect user privacy and app security through tamper-proof and reliable check results.
Risk prevention, starting from App login
Martin Dimitrov said, "With SysIntegrity integrated, our app can detect risks once a user signs in to it on a rooted device, and it will then show a security warning to notify the user of possible risks, such as financial losses and information leaks." Furthermore, it only takes 1 person-day to integrate SysIntegrity.
(iCard app displays a message indicating that the phone is risky.)
Martin Dimitrov added, "After integrating SysIntegrity, the instances of risky sign-in on rooted phones have been reduced by around 10% which is a really good number. And we can also make the development process more convenient and efficient."
Results
The instances of risky sign-in on rooted devices reduced by about 10%.
User accounts and transactions are now well safeguarded.
Find out more on:
Huawei developers official page
Experience the easy-integration process on Codelabs
Submit a trouble ticket online for any problems during integration
Rediit: https://www.reddit.com/r/HuaweiDevelopers/
Github: https://github.com/HMS-Core/hms-safetydetect-demo-android
Stack Overflow: https://stackoverflow.com/questions/tagged/huawei-mobile-services?tab=Newest
Very interesting Security.