Shielding the Application via the OneSpan Mobile Portal
- Updated on 30 Apr 2025
When a configuration is created using the OneSpan Mobile Portal, it is possible to shield an application. You can bind your application to App Shielding via the OneSpan Mobile Portal either manually or in an automated way.
App Shielding writes the shielded application to shielded-app.apk in the same directory as the application itself.
Manual shielding
Shielding modifies the executable of the application, which means that after shielding, the application needs to be re-signed.
This must be handled with special care so that all required parts of the application are re-signed.
To manually shield an app
The shielding section of the OneSpan Mobile Portal Home page is only enabled after a configuration has been created, the configuration options have been set, and the required certificates have been correctly uploaded.
In the Home page of the OneSpan Mobile Portal, select the project and configuration you want to use.
To upload the binary to be shielded, either click Select at the center of the page and browse to the file location, or add the file via drag and drop.
As soon as the file upload is complete, the shielding process starts.
The binary to shield (AAB or APK for Android) can be signed or unsigned.
App Shielding provides a log where you can trace the shielding progress.
When the shielding process is completed, the OneSpan Mobile Portal displays a notification, and you can download the zip file with the shielded binary. The file time counter next to the file sets the expiry time after which the file can no longer be downloaded.
After shielding, application startup performance could be impacted. If this occurs, exclusion options can be defined to reduce the impact of the shielding on the application.
The security provided by App Shielding is reduced when you exclude classes from the shielding process. The number of shieldings must be high enough to meet security requirements (more than one thousand data shieldings).
To avoid performance issues, the following OneSpan packages can be excluded from shielding:
untouchable class com.vasco.digipass.sdk.obfuscated.*
untouchable class com.vasco.digipass.sdk.utils.utilities.obfuscated.*
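As an added example (not OneSpan code), the following Python check audits a shielding rules file and reports every `untouchable class` exclusion that reaches outside the two packages listed above, so that broader exclusions are caught before an app is shielded. It assumes one rule per line in the form shown on this page and that a trailing `*` matches everything under the package; the function names and the sample rules (including `com.example.bank`) are constructed for illustration.

```python
import re

# The two packages this page lists as candidates for exclusion from shielding.
DOCUMENTED_EXCLUSIONS = (
    "com.vasco.digipass.sdk.obfuscated.*",
    "com.vasco.digipass.sdk.utils.utilities.obfuscated.*",
)

# Assumed rule shape, taken from the two lines on the page:
#   untouchable class <dotted.pattern>
RULE_RE = re.compile(r"^\s*untouchable\s+class\s+(\S+)\s*$")


def is_covered(pattern, allowed=DOCUMENTED_EXCLUSIONS):
    """True if `pattern` excludes nothing outside the allowed packages."""
    for entry in allowed:
        prefix = entry[:-1]  # "pkg.*" -> "pkg." (keeps the dot, so "pkgX" fails)
        if pattern.startswith(prefix):
            return True
    return False


def audit_rules(text):
    """Return (line_no, pattern) for every exclusion outside the allowed set."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), start=1):
        match = RULE_RE.match(line)
        if match and not is_covered(match.group(1)):
            findings.append((line_no, match.group(1)))
    return findings


# Constructed sample rules file (not from a real project).
SAMPLE_RULES = """\
untouchable class com.vasco.digipass.sdk.obfuscated.*
untouchable class com.vasco.digipass.sdk.utils.utilities.obfuscated.*
untouchable class com.vasco.digipass.sdk.*
untouchable class com.example.bank.login.*
untouchable class *
"""

if __name__ == "__main__":
    results = audit_rules(SAMPLE_RULES)
    for line_no, pattern in results:
        print(f"line {line_no}: exclusion outside documented packages: {pattern}")
    raise SystemExit(1 if results else 0)
```

A non-zero exit status lets a build pipeline stop when an exclusion wider than the documented ones appears in the rules.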
App obfuscation
App Shielding provides app obfuscation mechanisms that obfuscate the Java bytecode of an application, modifying, for example, class names, function names, and field names. Parts of the application code are rewritten in a purposefully unintelligible way, while the application's functionality is left unchanged. The purpose of obfuscation is to discourage static analysis attempts.
For more information on this, see Configuration of Shielding Tool rules: Obfuscation.