PRADEO SECURITY RASP (RUNTIME APPLICATION SELF-PROTECTION)
LIBRARY DOCUMENTATION
The acronym RASP means Runtime Application Self Protection. The service is composed of a library designed to provide application security services to mobile applications.
Overview
The RASP provides a set of API functions that can be used to embed security in an existing app.
This library lets the app that embeds it monitor its environment by checking the status of the system, communications, and other applications, so that it is aware of the risk level on the device at any time and can react to threats.
| Category | Feature | CORE | ADVANCED |
|---|---|---|---|
| Network threats | Bluetooth detection | ✔ | ✔ |
| Network threats | Host modification | ✔ | ✔ |
| Network threats | Geolocation enabled | ✔ | ✔ |
| Network threats | NFC enabled | ✔ | ✔ |
| Network threats | VPN enabled | ✔ | ✔ |
| Network threats | Open WiFi detection | ✔ | ✔ |
| Network threats | ARP Poisoning detection | ✔ | ✔ |
| Network threats | Rogue Access Point | ✔ | ✔ |
| Network threats | Rogue Cell Tower detection | | ✔ |
| Network threats | Man-in-The-Middle detection | | ✔ |
| Network threats | Phishing database | | ✔ |
| System threats | Root detection | ✔ | ✔ |
| System threats | Developer mode | ✔ | ✔ |
| System threats | Debug mode detection | ✔ | ✔ |
| System threats | Device encryption status | ✔ | ✔ |
| System threats | SELinux enforced mode | ✔ | ✔ |
| System threats | Accessibility options enabled | ✔ | ✔ |
| System threats | Unknown sources detection | ✔ | ✔ |
| System threats | Hook detection (NEW!) | ✔ | ✔ |
| System threats | OS version up to date | | ✔ |
| Runtime check threats | Screenshot prevention | ✔ | ✔ |
| Runtime check threats | Emulator detection | ✔ | ✔ |
| Application threats | Device’s apps binary retrieval | | ✔ |
| Application threats | Device’s apps unwanted behaviours detection | | ✔ |
| Application threats | Device’s apps data manipulations | | ✔ |
| Application threats | Device’s apps communications | | ✔ |
| Application threats | Device’s apps system manipulations | | ✔ |
| Application threats | Device’s apps virus analysis (NEW!) | | ✔ |
| Network remediation | Disconnect wifi connection | ✔ | ✔ |
| System remediation | Shutdown activity | ✔ | ✔ |
Supported API level for SDK embedding
Our RASP library can be deployed on Android 8.0 and higher.

```kotlin
minSdk = 26
```
Getting started
Implementation of RASP library
Add our Maven repository for the RASP library to settings.gradle.kts:

```kotlin
maven {
    name = "Nexus"
    url = uri("https://nexus.pradeo.io/repository/maven-releases/")
    credentials {
        // Replace with your Nexus account; keep real values out of version control.
        username = "YOUR_NEXUS_USER"
        password = "YOUR_NEXUS_USER_PASSWORD"
    }
}
```
Declare the RASP library version in build.gradle.kts:

```kotlin
dependencies {
    implementation("com.pradeo:rasp:1.6.0")
    // ... other dependencies
}
```
RASP initialization
To access Advanced functionalities, initialize the RASP as follows:

```kotlin
val accessKey = "YOUR_ACCESS_KEY"
val secretKey = "YOUR_SECRET_KEY"
val configuration = RASPConfiguration(
    context = requireActivity(),
    tenant = "YOUR_TENANT",
    periodicity = Duration.parse("5s"),
    //id = "YOUR_CUSTOM_DEVICE_ID" /*optional*/
)
```
To use the "Core" features of RASP, load and initialize a RASP class with:

```kotlin
register(configuration: RASPConfiguration, accessKey: String)
```

To use the "Advanced" features of RASP, load and initialize a RASP class with:

```kotlin
register(configuration: RASPConfiguration, accessKey: String, secretKey: String)
```
Release note and migration guide
Changelog
📢 1.6.0 (24.12.2024)
- NEW core system diagnosis:
  Determine if the application or the system is hooked: `isHooked`

⚠️ Migration to 1.6.0 from 1.5.0 ⚠️

NEW licenses:
`APPLICATION_THREATS_DEVICE_RETRIEVE_ANTIVIRUS_SCAN`
`SYSTEM_THREATS_HOOKING_DETECTION`

CHANGES in license type: `NETWORK_THREATS_ROGUE_ACCESS_POINT_DETECTION` => Core + Advanced license

CHANGES to the application report retrieval function `retrieveDeviceApplicationReport`. It now returns a new version of the application report: `Response.RetrieveDeviceApplicationReportV3`. Make sure you apply the proper modifications to any processing of the application report already implemented.

NEW Retrieve application virus analysis with the following method:

```kotlin
/* @param application [ApplicationMetadata] — application for which the antivirus analysis is requested. */
retrieveDeviceApplicationAntivirusScan(application: ApplicationMetadata)
```

NEW Make a server request to analyse a specific application if its virus analysis report is not found:

```kotlin
/* @param application [ApplicationMetadata] — application for which the antivirus analysis is requested. */
askForAntivirusScan(application: ApplicationMetadata): Boolean
```
📢 1.5.0 (13.03.2024)
- NEW core network diagnosis:
  Determine if the device is currently under an ARP poisoning attack: `underARPPoisoningAttack`
- NEW core system diagnosis:
  🚧 BETA - Determine if the user has installed applications from unknown sources: `unknownSourcesEnabled`
  Determine the presence of certain accessibility options that may pose a security or privacy risk: `haveRiskyAccessibilityOption`
- Integrated gRPC implementations in a lighter Protobuf structure
- Improved support to accept askOverlay() permission by focusing on package name (rasp.configuration.context.packageName)

⚠️ Migration to 1.5.0 from 1.4.0 ⚠️

NEW licenses:
`NETWORK_THREATS_ARP_POISONING_DETECTION`
`SYSTEM_THREATS_UNKNOWN_SOURCES_DETECTION`
`SYSTEM_THREATS_ACCESSIBILITY_OPTION_ENABLED`

CHANGES in license names:
`NETWORK_THREATS_ROGUE_ACCESS_POINT` => `NETWORK_THREATS_ROGUE_ACCESS_POINT_DETECTION`
`SYSTEM_THREATS_DEVELOPER_MODE` => `SYSTEM_THREATS_DEVELOPER_MODE_ENABLED`
`APPLICATION_THREATS_PACKAGES_LIST` => `APPLICATION_THREATS_INSTALLED_PACKAGES_LIST`
📢 1.4.0 (23.10.2023)
- Application shrinking to save data usage for upload
- Application installation observer
- New report application workflow
- Filter on non-system apps list
- Added an enumeration of diagnostic symptoms for the geolocation function
- Added a device registration ID parameter on RASP configuration
- Added a return parameter for disconnect WiFi connection remediation
- Improvement of methods for the database of URLs categorized at risk
⚠️ Migration to 1.4.0 from 1.3.1 ⚠️

The application report retrieval function `retrieveDeviceApplicationReport` has evolved and now becomes the following function:

```kotlin
retrieveApplicationReportStatus(
    application: ApplicationMetadata,
    automaticUpload: Boolean = false,
    shrink: Boolean = true
): Flow
```

The old upload procedure was to use the `uploadApplication(application, true)` function then the `repeatedDeviceApplicationReportRetrieval(application, false)` function, which is deprecated but still available. From now on, the `retrieveApplicationReportStatus` function, with `automaticUpload` set to true, is sufficient to upload an application. Applications will be sent with the `shrink` option by default.

NEW List of newly installed application packages since the last scan:

```kotlin
listNewlyInstalledApplicationPackages(): Sequence(ApplicationMetadata)
```

NEW List of newly installed application packages from the specified installation date:

```kotlin
/* @param `installationDateCollected` specified installation date on which packages are collected */
listNewlyInstalledApplicationPackages(installationDateCollected: Instant): Sequence
```

NEW Parameter to retrieve the list of installed applications:

```kotlin
/* @param `excludingNatives` to exclude non-system apps, by default to false */
listInstalledApplications(excludingNatives: Boolean): Sequence
```

NEW Return parameter with a tracking diagnostic symptom for the geolocation function:

```kotlin
/* @return `Pair(Boolean, ArrayList)`
 * — `Boolean` true if the geolocation is currently detected,
 * — `ArrayList` symptoms of location features/providers enabled on the device. */
trackingIsEnabled(): Pair(Boolean, ArrayList)
```

NEW optional device registration ID parameter on RASP configuration:

```kotlin
/* @param id `String` — the device registration identifier (less than 128 characters) */
val configuration = RASPConfiguration(
    context = mainActivity,
    tenant = "${MY_TENANT}",
    periodicity = Duration.parse("5s"),
    id = "982fbfe1-dc7a-4ef2-a485-37b93d430cb1"
)
```

NEW Return parameter for the disconnect WiFi connection remediation:

```kotlin
/* @return `Pair(Boolean, Int)`
 * — `Boolean` true if the disconnection was launched,
 * — `Int` 0 if performed automatically, otherwise 1 if the user was redirected to wifi settings */
disconnectWifiConnection(): Pair(Boolean, Int)
```
📢 1.3.1 (01.03.2023)
- Improvements to the Rogue Access Point detection diagnostic
- Improvements to the functionality and checking process of certified applications
- Changes in the storage of license registration keys
- Added documentation on application uploads, application reporting features and manifest permissions features
- Improvements in accessor handling
- Samples updated, and an Android build variant that does not request permissions added
⚠️ Migration to 1.3.1 from 1.2.1 ⚠️

Changes have been made to the RASP configuration preferences regarding RASP licenses. If you wish to upgrade an application that already embeds RASP features, you should run `RASP.clear()` to register for a license. Users not yet enrolled on a license are not impacted. The procedure is provided in the sample:

```kotlin
RASP.clear(requireContext())
```

To request location permission with the latest Android SDK procedures (shouldShowRequestPermissionRationale), you need to pass an AppCompatActivity as parameter, as explained in the sample:

```kotlin
rasp.toolkit.permission.askLocation(requireActivity())
```

The `OS_NOT_UP_TO_DATE` threat became `NOT_UP_TO_DATE`.

Some watcher functions have been renamed:
`osNotUpToDate` became `isNotUpToDate`
`bluetoothEnabled` became `bluetoothIsEnabled`

```kotlin
val networkModel = rasp.watcher.network.observe()
networkModel.bluetoothIsEnabled.collect {...}
val systemModel = rasp.watcher.system.observe()
systemModel.isNotUpToDate.collect {...}
```
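The renames and replaced functions listed in the 1.3.1, 1.4.0 and 1.5.0 migration notes above can be checked mechanically before an upgrade. The Python script below is an added example, not part of the Pradeo SDK or its samples; it searches Kotlin sources for the old identifiers named on this page, and its `SAMPLE` fragment is constructed.

```python
import re
import sys
from pathlib import Path

# Old identifier -> (replacement, release whose migration note lists the change).
# All identifiers come from the migration notes on this page.
CHANGED = {
    "NETWORK_THREATS_ROGUE_ACCESS_POINT": ("NETWORK_THREATS_ROGUE_ACCESS_POINT_DETECTION", "1.5.0"),
    "SYSTEM_THREATS_DEVELOPER_MODE": ("SYSTEM_THREATS_DEVELOPER_MODE_ENABLED", "1.5.0"),
    "APPLICATION_THREATS_PACKAGES_LIST": ("APPLICATION_THREATS_INSTALLED_PACKAGES_LIST", "1.5.0"),
    "uploadApplication": ("retrieveApplicationReportStatus(automaticUpload = true)", "1.4.0"),
    "repeatedDeviceApplicationReportRetrieval": ("retrieveApplicationReportStatus", "1.4.0"),
    "OS_NOT_UP_TO_DATE": ("NOT_UP_TO_DATE", "1.3.1"),
    "osNotUpToDate": ("isNotUpToDate", "1.3.1"),
    "bluetoothEnabled": ("bluetoothIsEnabled", "1.3.1"),
}
# "_" counts as a word character for \b, so an old name never matches inside
# its own replacement (e.g. ..._ROGUE_ACCESS_POINT inside ..._POINT_DETECTION).
PATTERN = re.compile(r"\b(?:" + "|".join(map(re.escape, CHANGED)) + r")\b")
# Constructed Kotlin fragment (not taken from the SDK samples).
SAMPLE = """\
networkModel.bluetoothEnabled.collect { }
networkModel.bluetoothIsEnabled.collect { }
val old = NETWORK_THREATS_ROGUE_ACCESS_POINT
val new = NETWORK_THREATS_ROGUE_ACCESS_POINT_DETECTION
if (threat == OS_NOT_UP_TO_DATE || threat == NOT_UP_TO_DATE) { }
"""

def scan_source(text):
    """Return (line, old_name, replacement, release) for each stale identifier."""
    return [(number, m.group(0)) + CHANGED[m.group(0)]
            for number, line in enumerate(text.splitlines(), start=1)
            for m in PATTERN.finditer(line)]

def scan_tree(root):
    """Scan every *.kt file under root; return {path: findings} for files with hits."""
    report = {}
    for path in Path(root).rglob("*.kt"):
        hits = scan_source(path.read_text(encoding="utf-8", errors="replace"))
        if hits:
            report[str(path)] = hits
    return report

if __name__ == "__main__":
    # With a directory argument scan it; without one, scan the constructed sample.
    report = scan_tree(sys.argv[1]) if len(sys.argv) > 1 else {"<sample>": scan_source(SAMPLE)}
    for path, hits in report.items():
        for number, old, new, release in hits:
            print(f"{path}:{number}: {old} -> {new} (changed in {release})")
    sys.exit(1 if report else 0)
```

The non-zero exit status on any hit lets the script gate a CI job on the upgrade branch.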
📢 1.2.1 (06.12.2022)
- Improvements in Core/Advanced license handling
📢 1.2.0 (25.11.2022)
- Improvements in detections based on network connectivity
- Added functionalities on runtime checks remediation
📢 1.1.5 (07.11.2022)
- Added API functionalities to the Advanced license
📢 1.0.6 (20.10.2022)
- Database migration to SQLite’s Room
- Improvements of the coroutine threads
Packages
Main class to interact with the Pradeo SDK (Software Development Kit).
Exposed SDK classes (API, Toolkit, Remediation, Diagnostic, Watcher and others).
Classes that interact with Pradeo backend server.
Values enumerations.
Specific exception classes.
Available license classes.