LogoLogo
HomeArticlesCommunity ProductsPremium ProductsGitHubTalsec Website
  • 👋Introduction
  • đŸ› ī¸Integration
    • 🤖Android
      • API
      • Troubleshooting
    • 🍎iOS
      • API
      • Troubleshooting
    • đŸĻFlutter
      • FlutterFlow
      • API
      • Troubleshooting
    • âš›ī¸React Native
      • Expo
      • API
      • Troubleshooting
    • 👾Cordova
      • API
      • Troubleshooting
    • đŸĒŊCapacitor
      • API
      • Troubleshooting
  • 🚀Features and Pricing plans
    • The Key Differences: freeRASP vs. RASP+
  • 🎤What's New and Changelog
  • 📊Security Report
  • âš–ī¸User Data Policies
  • 📄License
  • 🤝Fair Usage Policy (FUP)
  • â„šī¸Wiki
    • Getting Signing Certificate Hash
    • Callback Delay, Telemetry Impact, and Threat Scanning Completion Status
    • Threat detection
      • Detecting rooted or jailbroken devices
      • Emulator detection
      • Hook detection
      • App tampering detection
      • Debugger detection
      • Detecting unofficial installation
      • Device binding detection
      • Missing obfuscation detection [Android devices only]
      • Secure Hardware detection (Keystore/Keychain secure storage check)
      • Passcode
      • System VPN detection
      • Developer Mode detection [Android devices only]
      • ADB enabled detection [Android devices only]
      • Screen Capture
    • Source code obfuscation
    • isProd flag
  • đŸĻ‰FAQ
  • 🧑‍đŸ’ģAbout Us
  • 🤝Contribution
Powered by GitBook
On this page

Was this helpful?

Export as PDF
  1. Wiki
  2. Threat detection

Secure Hardware detection (Keystore/Keychain secure storage check)

The Secure Enclave and the Android Keystore system make it very difficult to decrypt sensitive data without physical access to the device. In that order, these keys need to be stored securely. freeRASP checks if the keys reside inside secure hardware.

Below are code snippets demonstrating missing hardware detection across various platforms:

// Android Keystore
override fun onHardwareBackedKeystoreNotAvailableDetected() {
    TODO("Not yet implemented")
}

// iOS Secure Enclave
case missingSecureEnclave

// Flutter HW backed keystore not available and missing secure enclave detection
onSecureHardwareNotAvailable: () => print("Secure hardware not available")

// Cordova HW backed keystore not available and missing secure enclave detection
secureHardwareNotAvailable: () => {
    // Place your reaction here
}

// React Native HW backed keystore not available and missing secure enclave detection
secureHardwareNotAvailable: () => {
    // Place your reaction here
}

// Capacitor HW backed keystore not available and missing secure enclave detection
secureHardwareNotAvailable: () => {
    // Place your reaction here
}

Recommended action: Ignore the callback or log the event to your BE.

PreviousMissing obfuscation detection [Android devices only]NextPasscode

Last updated 9 months ago

Was this helpful?

â„šī¸