LogoLogo
HomeArticlesCommunity ProductsPremium ProductsGitHubTalsec Website
  • 👋Introduction
  • đŸ› ī¸Integration
    • 🤖Android
      • API
      • Troubleshooting
    • 🍎iOS
      • API
      • Troubleshooting
    • đŸĻFlutter
      • FlutterFlow
      • API
      • Troubleshooting
    • âš›ī¸React Native
      • Expo
      • API
      • Troubleshooting
    • 👾Cordova
      • API
      • Troubleshooting
    • đŸĒŊCapacitor
      • API
      • Troubleshooting
  • 🚀Features and Pricing plans
    • The Key Differences: freeRASP vs. RASP+
  • 🎤What's New and Changelog
  • 📊Security Report
  • âš–ī¸User Data Policies
  • 📄License
  • 🤝Fair Usage Policy (FUP)
  • â„šī¸Wiki
    • Getting Signing Certificate Hash
    • Callback Delay, Telemetry Impact, and Threat Scanning Completion Status
    • Threat detection
      • Detecting rooted or jailbroken devices
      • Emulator detection
      • Hook detection
      • App tampering detection
      • Debugger detection
      • Detecting unofficial installation
      • Device binding detection
      • Missing obfuscation detection [Android devices only]
      • Secure Hardware detection (Keystore/Keychain secure storage check)
      • Passcode
      • System VPN detection
      • Developer Mode detection [Android devices only]
      • ADB enabled detection [Android devices only]
      • Screen Capture
    • Source code obfuscation
    • isProd flag
  • đŸĻ‰FAQ
  • 🧑‍đŸ’ģAbout Us
  • 🤝Contribution
Powered by GitBook
On this page
  • 📝 Prerequisites
  • đŸ“Ļ Add the dependency
  • âš™ī¸ Setup the Configuration for your App
  • 👷 Handle detected threats
  • đŸ›Ąī¸ Start freeRASP
  • 🌁 Enable source code obfuscation
  • â˜ĸī¸ (Optionally) Integrate freeMalwareDetection

Was this helpful?

Export as PDF
  1. Integration

Android

PreviousIntegrationNextAPI

Last updated 2 days ago

Was this helpful?

Example:

📝 Prerequisites

freeRASP requires a minimum SDK level of 23. To update the minimum SDK level of the application, follow these steps:

  1. From the root of your project (or module level), go to the build.gradle.

  2. Update minSdkVersion to at least 23 (Android 6.0) or higher.

build.gradle
buildscript {
    ext {
      minSdkVersion 23
    }
}

Enable Screenshot and Screen Recording Detection

To and , add the following permissions to your AndroidManifest.xml file inside the <manifest> root tag:

 <uses-permission android:name="android.permission.DETECT_SCREEN_CAPTURE" />
 <uses-permission android:name="android.permission.DETECT_SCREEN_RECORDING" />

Screenshot Detection is supported on Android 14 (API level 34) and higher. Screen Recording Detection is supported on Android 15 (API level 35) and higher.


đŸ“Ļ Add the dependency

Set Talsec's Artifact Registry in your project's settings.gradle (or build.gradle). You should comment out the relevant section in settings.gradle, if you want to use build.gradle, as settings.gradle is preferred:

Config via settings.gradle:

repositories {
    google()
    mavenCentral()
    maven { url "https://jitpack.io" }
    maven { url "https://europe-west3-maven.pkg.dev/talsec-artifact-repository/freerasp" }
}
repositories {
    google()
    mavenCentral()
    maven { url = uri("https://jitpack.io") }
    maven { url = uri("https://europe-west3-maven.pkg.dev/talsec-artifact-repository/freerasp") }
}

Config via build.gradle:

repositories {
    google()
    mavenCentral()
    maven { url "https://jitpack.io" }
    maven { url "https://europe-west3-maven.pkg.dev/talsec-artifact-repository/freerasp" }
}

repositories {
    google()
    mavenCentral()
    maven { url = uri ("https://jitpack.io") }
    maven { url = uri ("https://europe-west3-maven.pkg.dev/talsec-artifact-repository/freerasp") }
}

Make sure that Talsec's maven dependency is at the last position.

Set dependencies in your :app module's build.gradle:

[build.gradle (: app)]
dependencies {
    // freeRASP SDK  
    implementation 'com.aheaditec.talsec.security:TalsecSecurity-Community:15.1.0'
}

âš™ī¸ Setup the Configuration for your App

  1. Create an arbitrary subclass of Application(), override its onCreate()method and implement ThreatListener.ThreatDetected interface. You can, of course, use your Application subclass if you already have one in your project. If you encounter issues importing ThreatListener.ThreatDetected, please use 'Sync Project with Gradle Files' to resolve them.“

    TalsecApplication.kt
    class TalsecApplication : Application(), ThreatListener.ThreatDetected {
        override fun onCreate() {
            super.onCreate()
        }
    }

  2. Add a new subclass to AndroidManifest.xml, inside <application> tag:

    AndroidManifest.xml
    <application
        android:name=".TalsecApplication"
    />

  3. Set up the Configuration for your app with your values, which are explained in more detail in API.

    TalsecApplication.kt
    companion object {
        private const val expectedPackageName = "com.aheaditec.talsec.demoapp" // Don't use Context.getPackageName!
        private val expectedSigningCertificateHashBase64 = arrayOf(
            "mVr/qQLO8DKTwqlL+B1qigl9NoBnbiUs8b4c2Ewcz0k="
        ) // Replace with your release (!) signing certificate hash(es)
        private const val watcherMail = "john@example.com" // for Alerts and Reports
        private val supportedAlternativeStores = arrayOf(
            "com.sec.android.app.samsungapps" // Add other stores, such as the Samsung Galaxy Store
        )
        private val  = true
    }

    TalsecApplication.kt
    override fun onCreate() {
        ...
        
        val config = TalsecConfig.Builder(
            expectedPackageName,
            expectedSigningCertificateHashBase64)
            .watcherMail(watcherMail)
            .supportedAlternativeStores(supportedAlternativeStores)
            .prod(isProd)
            .build()
    }

👷 Handle detected threats

  1. Implement methods of ThreatListener.ThreatDetected interface:

    TalsecApplication.kt
    override fun () {
        TODO("Not yet implemented")
    }
    
    override fun () {
        TODO("Not yet implemented")
    }
    
    override fun () {
        TODO("Not yet implemented")
    }
    
    override fun () {
        TODO("Not yet implemented")
    }
    
    override fun () {
        TODO("Not yet implemented")
    }
    
    override fun () {
        TODO("Not yet implemented")
    }
    
    override fun () {
        TODO("Not yet implemented")
    }
    
    override fun () {
        TODO("Not yet implemented")
    }
    
    override fun () {
        TODO("Not yet implemented")
    }
    
    override fun () {
        TODO("Not yet implemented")
    }
    
    override fun (p0: MutableList<SuspiciousAppInfo>?) {
        println("onMalwareDetected")
    }

  2. Optionally, you can use a device state listener to get additional information about the device state, like passcode lock and HW-backed Keystore state:

    TalsecApplication.kt
    private val deviceStateListener = object : ThreatListener.DeviceState {
        override fun () {
            TODO("Not yet implemented")
        }
        override fun () {
            TODO("Not yet implemented")
        }
    
        override fun () {
            TODO("Not yet implemented")
        }
        
        override fun () {
            TODO("Not yet implemented")
        }
    
        override fun () {
            TODO("Not yet implemented")
        }
    }

  3. Modify initialization of ThreatListener:

    TalsecApplication.kt
    override fun onCreate() {
        ...
        // ThreatListener(this).registerListener(this)
        ThreatListener(this, deviceStateListener).registerListener(this)
    }
  4. (Optional) You can integrate the screen capture methods to detect threats like screenshots - onScreenshotDetected() or screen recording - onScreenRecordingDetected(). If you do not implement the steps below, these detections will not work, in that case, you can just leave the implementations empty.

    To use onScreenshotDetected() you have to be on Android 14+ (API 34+). Also, the application needs the following permission:

    <uses-permission android:name="android.permission.DETECT_SCREEN_CAPTURE" />

    To use onScreenRecordingDetected() you have to be on Android 15+ (API 35+). Also, the application needs the following permission:

    <uses-permission android:name="android.permission.DETECT_SCREEN_RECORDING" />

    To utilize active protection, you can use Talsec.blockScreenCapture(activity, true). To receive whether the screen capture is blocked, you can use the Talsec.isScreenCaptureBlocked(). For more details about all these screen capture methods, see Screen Capture. Integration of all these methods should be performed at the Application level to best address the Android lifecycle:

    TalsecApplication.kt
    import android.view.WindowManager.SCREEN_RECORDING_STATE_VISIBLE
    import java.util.function.Consumer
    
    class TalsecApplication : Application(), ThreatListener.ThreatDetected {
        private var currentActivity: Activity? = null
        private var screenCaptureCallback: Activity.ScreenCaptureCallback? = null
        private val screenRecordCallback: Consumer<Int> = Consumer<Int> { state ->
            if (state == SCREEN_RECORDING_STATE_VISIBLE) {
                Talsec.onScreenRecordingDetected()
            }
        }
        
        override fun onCreate() {
            ...
            registerActivityLifecycleCallbacks(object : ActivityLifecycleCallbacks {
                override fun onActivityCreated(activity: Activity, bundle: Bundle?) {
    
                    // Set to 'true' to block screen capture
                    Talsec.blockScreenCapture(activity, false)
                }
    
                override fun onActivityStarted(activity: Activity) {
                    unregisterCallbacks()
                    currentActivity = activity
                    registerCallbacks(activity)
                }
    
                override fun onActivityResumed(activity: Activity) {}
                override fun onActivityPaused(activity: Activity) {}
    
                override fun onActivityStopped(activity: Activity) {
                    if (activity == currentActivity) {
                        unregisterCallbacks()
                        currentActivity = null
                    }
                }
    
                override fun onActivitySaveInstanceState(activity: Activity, bundle: Bundle) {}
                override fun onActivityDestroyed(activity: Activity) {}
            })
        }
        
        private fun registerCallbacks(activity: Activity) {
            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.UPSIDE_DOWN_CAKE) {
                screenCaptureCallback = Activity.ScreenCaptureCallback {
                    Talsec.onScreenshotDetected()
                }
                activity.registerScreenCaptureCallback(
                    baseContext.mainExecutor, screenCaptureCallback!!
                )
            }
    
            if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.VANILLA_ICE_CREAM) {
                val initialState = activity.windowManager.addScreenRecordingCallback(
                    mainExecutor, screenRecordCallback
                )
                screenRecordCallback.accept(initialState)
            }
        }
        
        private fun unregisterCallbacks() {
            currentActivity?.let { activity ->
                if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.UPSIDE_DOWN_CAKE && screenCaptureCallback != null) {
                    activity.unregisterScreenCaptureCallback(screenCaptureCallback!!)
                    screenCaptureCallback = null
                }
    
                if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.VANILLA_ICE_CREAM) {
                    activity.windowManager.removeScreenRecordingCallback(screenRecordCallback)
                }
            }
        }
    }

đŸ›Ąī¸ Start freeRASP

TalsecApplication.kt
override fun onCreate() {
    ...
    Talsec.start(this, config)
}

🌁 Enable source code obfuscation

You can make sure that the obfuscation is enabled by checking the value of minifyEnabled property in your module's build.gradle file.

android {
    ...
    buildTypes {
        release {
            minifyEnabled true
            shrinkResources true
            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
        }
    }
}

â˜ĸī¸ (Optionally) Integrate freeMalwareDetection

freeMalwareDetection is a powerful feature designed to enhance the security of your Android application by quickly and efficiently scanning for malicious or suspicious applications (e.g. Android malware) based on various blacklists and security policies.

It helps to detect apps with suspicious package names, hashes, or potentially dangerous permissions.

To ensure freeRASP functions correctly, you need to provide the necessary configuration. All required values must be filled in for the plugin to operate properly. Use the following template to configure the plugin. Detailed descriptions of the configuration options are provided .

You can handle the detected threats using listeners. For example, you can log the event, show a window to the user or kill the application. See the to learn more details about the performed checks and their importance for app security.

For the onMalwareDetected(p0: MutableList<SuspiciousAppInfo>?) callback, make sure you visit , a powerful feature designed to scan for malicious or suspicious apps.

Read more about why this is important in the.

Visit the repository to learn more about this feature! For the integration, refer to the for the Android platform.

đŸ› ī¸
🤖
on the API page
Threat detection
freeMalwareDetection
wiki
freeMalwareDetection
integration guide
https://github.com/talsec/Free-RASP-Android/tree/master/FreeRASPDemoApp
detect screenshots
screen recordings

isProd is a boolean flag that determines whether the freeRASP integration is in the Dev or Release version. If you want to learn more about isProd, visit this .

wiki section