Basic integration

OneSpan App Shielding is integrated as a fully automatic post-compilation step, operating on a complete Android application (.apk or .aabfile) using the Shielding Tool or as an integrated part of building the app with the Android build system.

In order to integrate App Shielding into an existing Android application (.apk), the following steps must be followed:

1. Build, sign and prepare your application

2. Create a configuration file (e.g., config.xml)

3. Run the Shielding Tool to automatically integrate App Shielding into the application.

A simple illustration of the integration process operating on a complete and ready app.

The modified application includes OneSpan App Shielding after integration has been done. This modified app needs to be zip-aligned and signed before it can be deployed for testing, or distributed through Google Play.

Certain features of OneSpan App Shielding require deeper integration inside the application, or changes to the build phase of an application to be enabled:

• Callbacks

• Activity Guard

• Secure Text Edit

For a deeper integration with OneSpan App Shielding inside the application, please read more about the Shield APIs below.

OneSpan App Shielding is provided in two variants: release and debug.

The release version is intended to be used for app distribution and restricts the ability for the app developer to disable security critical features, such as debugger protection and others.

The debug version allows the app to be debugged with a native debugger such as gdb, lldb or similar, and it allows the app to run on emulators. The debug version will set the testOnly flag in the AndroidManifest.xml, which will prevent the application from being wrongfully submitted to Google Play.