Login
    Contents x
    Mobile Application Shielding for Android Version 7.4.2 (June 2025)
    • 24 Jun 2025
    • 7 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Contents

    Mobile Application Shielding for Android Version 7.4.2 (June 2025)

    • Updated on 24 Jun 2025
    • 7 Minutes to read
    • Print
    • Dark
      Light
    • PDF
    Article summary

    Introduction

    Welcome to Mobile Application Shielding for Android 7.4.2!

    This is a maintenance release of Mobile Application Shielding with stability improvements and addressing several issues that could lead to unexpected terminations of the app. For information about configuring and using Mobile Application Shielding, see the Mobile Application Shielding Integration Guide.

    To maintain protection against the latest mobile threats, ensure to update Mobile Application Shielding to the latest version!

    Supported platform versions

    • App Shielding version 7.4.2 was successfully tested with Android 15.

    • Android 5.0 (API level 21) – Android 15 (API level 35).

    • Shielding Tool:

      • Windows 10: 64-bit Java 17

      • Mac OSX (10.9+)

      • Ubuntu Linux 22.04 LTS or 24.04 LTS

    Android platform updates

    The Android minimum supported version is 5.0 (API level 21). This version of App Shielding supports Android 15.

    If you want your protected app to run on Android 15, you must upgrade to App Shielding 6.6.0 or later.

    Android 16

    Official support for Android 16 (API 36) is planned. Currently, App Shielding demonstrates full compatibility with the latest Android 16 Beta, and we expect it to be fully compatible with the official Android 16 version. For more information, see Compatibility testing results for Android 16 and iOS 26.

    Support of 16 KB devices

    Beginning with Android 15, Android supports devices that are configured to use a page size of 16 KB (i.e., 16 KB devices). App Shielding has been updated to work on these 16 KB devices. However, if your app uses any native libraries, you must ensure that these libraries are ready for 16 KB page sizes. For more information, refer to the Android Developer documentation.

    As of March 1, 2025, App Shielding for Android version 5.7.1.98641 and earlier are no longer supported. For more information, refer to the OneSpan Mobile Portal.

    Deprecations

    OneSpan Customer Portal decommissioned

    As announced over the previous months, with the launch of our new OneSpan Mobile Portal, we have now decommissioned our previous portal, the OneSpan Customer Portal. Our new OneSpan Mobile Portal offers enhanced features, stronger security, and a more intuitive user interface, designed to provide you with a superior experience. For more information about the OneSpan Mobile Portal, see How to use the OneSpan Mobile Portal.

    Platform minimum supported versions

    Android 4.4 (API levels 19 and 20) are no longer supported by App Shielding. The new minimum supported version is Android Lollipop 5.0 (API level 21).

    Android Native Development Kit (NDK)

    Google has announced that Android Native Development Kit (NDK) (r26) will no longer support KitKat (API levels 19 and 20). The minimum version supported by the NDK for r26 will be Lollipop (API level 21).

    App Shielding switches to NDK r26 after its release as LTS version.

    Deprecated API: ShieldSDK-secure-edit-text

    The ShieldSDK-secure-edit-text API has been marked as deprecated. It is no longer maintained and is considered obsolete. It will be removed in an upcoming release.

    Deprecated configuration option removed: Allow work profile and device vendor virtual spaces

    The Allow work profile and device vendor virtual spaces configuration option is now deprecated and has been removed. It has been replaced with the Check Private Space option.

    For more information, see Configuration of App Shielding for Android apps.

    Fixes and other changes

    RASP-5028: Missing callbacks added to sample

    Description: The following App Shielding callbacks were missing from the sample included in the product package:

    • ADB_STATUS

    • DEVELOPER_OPTIONS

    • EMULATED_INPUT

    • SCREEN_MIRRORING

    Status: This issue has been fixed, these callbacks have been added to the sample. For more information, see List of callback types: CallbackType enum.

    SHAND-5043: Unexpected termination of app related to memory access

    Description: The app terminated unexpectedly due to memory access issues during internal operations.

    Example error log:

    ```
Fatal signal 11 (SIGSEGV), code 1, fault addr 0x0 in tid 18656 ()Fatal signal 11 (SIGS: Shield SDK module common detected with version 7.0.4, but expected version 7.4.0ERROR: Cannot shield the application:ERROR: Shield SDK version mismatch! The application needs to be compiled with theShield SDK that is delivered with the Shielding Tool. Either recompile your application withShield SDK version 7.4.0 or use Shielding Tool version 7.0.4.
```

    Status: This issue has been fixed.

    SHAND-5043: Application Not Responding error

    Description: An Application Not Responding (ANR) error could  occur during interactions with the native library loading process

    Example error log:

    ```
#00 pc 00000000000911c0  /apex/com.android.runtime/lib64/bionic/libc.so (syscall+32) (BuildId: 8aaf102cfbdac2f120bf95c648547386)
#01 pc 0000000000095f20  /apex/com.android.runtime/lib64/bionic/libc.so (__futex_wait_ex(void volatile*, bool, int, bool, timespec const*)+148) (BuildId: 8aaf102cfbdac2f120bf95c648547386)
#02 pc 00000000000fe728  /apex/com.android.runtime/lib64/bionic/libc.so (NonPI::MutexLockWithTimeout(pthread_mutex_internal_t*, bool, timespec const*)+660) (BuildId: 8aaf102cfbdac2f120bf95c648547386)
#03 pc 00000000006ce4ac  /data/app/~~geGBcCXPnkKXJrTfjw3gkw==/com.app.example-vhxHT1Ca_84qimJuTVk1tA==/lib/arm64/libshield.so
```

    Status: This issue has been fixed.

    SHAND-5059: Improved performance consistency

    The consistency in performance has been improved by adjusting the internal toolchain.

    SHAND-5061: Java Native Interface error

    Description: A Java Native Interface (JNI) error could cause App Shielding to terminate unexpectedly due to the use of deleted global references.

    Example error log:

    ```
05-26 20:53:36.996 15120 15149 F DEBUG   : signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x2e
05-26 20:53:36.996 15120 15149 F DEBUG   : Cause: null pointer dereference
05-26 20:53:36.996 15120 15149 F DEBUG   :     x0  000000771e2ce0b0  x1  000000771e404aa8  x2  3f3f5427ee33a296  x3  0000000000000001
05-26 20:53:36.996 15120 15149 F DEBUG   :     x4  0000000000000000  x5  0000000000000008  x6  0000000000000000  x7  0000000000000000
05-26 20:53:36.996 15120 15149 F DEBUG   :     x8  000000000000000e  x9  0000000000000000  x10 0000000000000000  x11 0000000000000000
05-26 20:53:36.996 15120 15149 F DEBUG   :     x12 165667b19e3779f9  x13 fffffffffffffffc  x14 7162d9187dd90194  x15 ffffffffffffffff
05-26 20:53:36.996 15120 15149 F DEBUG   :     x16 00000076c2971cf0  x17 00000077ae47bb30  x18 00000076bc4f0000  x19 00000076bcc218c8
05-26 20:53:36.996 15120 15149 F DEBUG   :     x20 00000076bbb24698  x21 000000771e2ce000  x22 000000771e404aa8  x23 00000076bcc22008
05-26 20:53:36.996 15120 15149 F DEBUG   :     x24 00000076bcc22020  x25 00000076c297dd40  x26 0000007722cfb5a8  x27 00000077af945020
05-26 20:53:36.996 15120 15149 F DEBUG   :     x28 0000007fe5599f50  x29 00000076bcc21870
05-26 20:53:36.996 15120 15149 F DEBUG   :     sp  00000076bcc21850  lr  00000076c2475d48  pc  00000076c24762c0
```

    Status: This issue has been fixed.

    Known limitations

    The limitations described here have not yet been solved for the current Mobile Application Shielding version. Possible workarounds are described where available.

    Methods to block screenshots also block screen mirroring tools

    Description: The methods used to block screenshots also block some screen mirroring tools. However, the scrcpy tool is only blocked on Android 12 and later. On Android 15, this option also blocks partial screen sharing.

    Bypassing App Shielding protection in Cordova-based applications

    Description: Because of the nature of pure Javascript frameworks such as Cordova, the effectiveness of the push and pull bindings of App Shielding is affected. As a result, it might be possible to extract all Javascript files from a shielded application and build a new Cordova-based application with the extracted Javascript files. That new application will behave identical to the original one but has two major differences:

    1. It is not longer protected with App Shielding.

    2. It is signed with a different developer certificate.

    Because this new application is signed with a different developer certificate, it is recognized by the stores or every device as a completely different and new application in comparison to the original shielded application. It cannot be avoided that a new application like this is built that looks and behaves similar to the original application.

    OneSpan risk assessment: Threat actors will need to make heavy use of targeted phishing attacks to convince users of the original application to install the rogue version. For attackers, however, it is much easier to use existing malware frameworks that mimic hundreds of login screens in one single piece of malware. In addition, the existence of any rogue versions of the application does not affect the security features of the original shielded application. Everyone who is using the genuine, shielded application is protected with all the features of App Shielding, including all security measures of the original application. Therefore, we consider this issue to be of low risk.

    NFC payment failure in shielded apps with Thales Gemalto SDK

    Description: When using the shielded version of the app, NFC payments fail. This is caused by a compatibility issue with the Thales Gemalto TSH Pay SDK which also provides debugger detection. The SDK incorrectly flags the App Shielding debugger detection as a native debugger.

    Solution: Allowlisting. For implementations integrating both the Thales Gemalto SDK and App Shielding, debuggers coming from the SDK's own debugging processes and sub-processes should be added to an allowlist within theThales Gemalto SDK.

    It is essential to not only add the processes to the allowlist but also their sub-processes. Otherwise, the SDK will still handle App Shielding as a native debugger!

    Magisk and root hider tools on new Android versions

    Root hider tools such as Magisk Hide are designed to hide the fact that the device is compromised (rooted). Android has been increasingly restricted in what can be inspected and observed of the system from inside an app. This means that a rooted system with a root hider tool can be hard to detect due to missing privileges.

    On Android 8+, App Shielding may not able to reliably detect a rooted device with Magisk Hide depending on the version of these tools.

    Was this article helpful?
    What's Next
    Change password!
    Changing your password will log you out immediately. Use the new password to log back in.
    Change profile
    Success!
    First name must have atleast 2 characters. Numbers and special characters are not allowed.
    Last name must have atleast 1 characters. Numbers and special characters are not allowed.
    Enter a valid email
    Enter a valid password
    Your profile has been successfully updated.
    Logout
    ESC

    Ozzy, our interactive help assistant