- 28 Oct 2024
- 3 Minutes à lire
- SombreLumière
Version 6.5.1 (March 2024)
- Mis à jour le 28 Oct 2024
- 3 Minutes à lire
- SombreLumière
Supported platform versions
App Shielding version 6.5.1 was successfully tested with Android 14 beta 5.
Android 5.0 (API level 21) – Android 14 (API level 34).
Shielding Tool:
Windows 10: 64-bit Java 17
Mac OSX (10.9+)
Ubuntu Linux 20.04 LTS or 22.04 LTS
The App Shielding Gradle plugin version 2.0 and later is supported.
The App Shielding Gradle plugin 2.0 supports Android App Bundles and newer Android build versions.
The plugin and documentation can be downloaded from:
Android platform updates
The Android minimum supported version is 5.0 (API level 21). This version of App Shielding supports Android 14.
As of March 1, 2024, App Shielding for Android version 4.3.11.78273 and earlier are no longer supported. For more information, refer to the OneSpan Customer Portal at https://cp.onespan.com/.
Deprecations
Platform minimum supported versions
Android 4.4 (API levels 19 and 20) are no longer supported by App Shielding. The new minimum supported version is Android Lollipop 5.0 (API level 21).
Android Native Development Kit (NDK)
Google has announced that Android Native Development Kit (NDK) (r26) will no longer support KitKat (API levels 19 and 20). The minimum version supported by the NDK for r26 will be Lollipop (API level 21).
App Shielding switches to NDK r26 after its release as LTS version.
Fixes and other changes
SHAND-4073: R8 optimization with ShieldSDK-secure-local-storage
Description: R8 that is provided with AGP 8.x adds a stronger minimization step that causes an unexpected runtime termination with applications that use ShieldSDK-secure-local-storage.
Status: This has been fixed in the ShieldSDK-secure-local-storage package.
SHAND-4085: Performance improvements
Description: Improved performance by optimizing code that handles security checks when the app receives or changes focus.
SHAND-4106: Unexpected termination on Huawei and Honor devices
Description: App Shielding 6.5.0 introduced a new detector for KernelSU and Magisk Hide. That detector caused an unexpected termination on a few Huawei and Honor devices. The new detector is now temporarily disabled until we have a proper fix in place. One consequence is that KernelSU and Magisk Hide detection are less strong.
SHAND-4113: Issue when signing an Android app bundle with the Shielding Tool
Description: When shielding an app bundle together with the Shielding Tool signing options (--keystore my-keystore.jks ...) and using the option --digestalg to select a digest algorithm, the Shielding Tool translated the digest algorithm name-to-name which, however, was rejected by the Google Play Store on trying to publish the app bundle. For example, on using the command line argument --digestalg SHA-256, the Shielding Tool translated that to the name "SHA256". While that is a valid name for jarsigner, the Google Play Store accepts only names with a dash, e.g., "SHA-256".
Status: This issue has been fixed. Now the Shielding Tool uses the name with a dash.
If you used the Shielding Tool to sign the app bundle, but did not specify the --digestalg option, the Shielding Tool uses the current default digest algorithm, which is SHA-256 or SHA-384, depending on the Java runtime.
SHAND-4146: Issue with ClassNotFoundException runtime exception on loading a layout resource file
Description: If an app uses a layout resource file that uses an app:layoutManager attribute with a "@string/..." value, the Shielding Tool wrote the layout resource file with a wrong value in the shielded app. That caused the app to lookup a class with a wrong name and thus it exited with java.lang.ClassNotFoundException.
Status: This issue has been fixed.
~~~ <androidx.recyclerview.widget.RecyclerView android:id="@+id/example" app:layoutManager="@string/my_layout"... /> ~~~
Known limitations
The limitations described here have not yet been solved for the current Mobile Application Shielding version. Possible workarounds are described where available.
Magisk and root hider tools on new Android versions
Root hider tools such as Magisk Hide are designed to hide the fact that the device is compromised (rooted). Android has been increasingly restricted in what can be inspected and observed of the system from inside an app. This means that a rooted system with a root hider tool can be hard to detect due to missing privileges.
On Android 8+, App Shielding may not able to reliably detect a rooted device with Magisk Hide depending on the version of these tools.
New Android version with 16k page size
Google announced that Android is moving from a 4KB page size to a 16KB page size in Android15. 16KB page hardware will be available in the market in the future, as well. The current version of App Shielding does not yet run on the new Android 15 images with a 16KB page size, but OneSpan is working on updating the App Shielding native libraries to no longer assume that the page size is 4K.
Android App Bundles
The OneSpan Customer Portal support for Android App Bundles does not yet include instant-enabled app bundles.