Overview of the SDK

  • Published on Oct 28, 2025
  • 2 minute(s) read
Prev Next

The Malware Detection SDK protects devices and applications against security threats and unauthorized access attempts. The integration of the Malware Detection SDK supports you in meeting directives from financial regulators to adopt counter measures against a variety of threats and fulfill security requirements for mobile banking, digital payment, and other security-sensitive applications.

Primary security capabilities

The SDK provides the following primary security capabilities:

  • Malware detection (Android only)

  • Remote Access Tool (RAT) detection

  • Sideloading detection

Malware detection

This feature is available on Android only.

The SDK detects malicious software (“malware”) on mobile devices and protects the devices where your mobile app resides against threats. It scans all installed packages and applications on the device, computes the signatures, and saves them in a database. You need to provide the signature-based list of known malware to the SDK which then compares these to the values saved in the database. This list of known malware is based on official sources such as for instance police forces and regulators. If any malware is detected, the SDK reports a list of detected malware to you.

Remote Access Tool Detection

This feature is available on Android and iOS but works slightly different on each operating system.

RAT Detection (Android)

The key features of RAT detection on Android are:

  • Multi-vector analysis

    Combines port scanning, permission analysis, screen sharing detection, and accessibility service monitoring for a comprehensive threat assessment.

  • Risk scoring

    Provides quantifiable threat metrics with isRatProbability and activeProbability scores (on a 0-1 scale) for installed packages, provided the QUERY_ALL_PACKAGES permission has been granted

RAT Detection/Screen Recording Detection (iOS)

The SDK continuously monitors for unauthorized screen recording and screen sharing activities. This protects sensitive information displayed in your application from being captured by malicious software, remote access tools, or screen recording applications that could compromise user data.

Sideloading Detection

This feature is available on Android and iOS but works slightly different on each operating system.

Sideloading Detection (Android)

The SDK verifies the installation source by detecting and returning apps that have not been installed through authorized channels such as Google Play Store or App Store.

Sideloading Detection / Application Origin Verification (iOS)

The SDK analyzes the application's digital signature, provisioning profile, and entitlements to determine the application's origin and distribution method. It identifies whether the application was distributed through official channels (App Store, TestFlight) or alternative methods (Enterprise, Ad Hoc, Development), and provides insights into the application's provenance.

Supported platforms

The Malware Detection SDK can be used on a variety of devices and supports the following:

Android

  • Minimum Android 7 (API level 24)

  • Target Android 15 (API level 35) or later

iOS

  • iOS 15 or later

  • Swift 5 or later

  • Xcode 16 or later