If the protected application exits with exit code 01, that indicates that App Shielding did not find the correct application signer certificate in the app. This should never happen if the Shielding Tool performs the signing, and the applicationSignerCertificate option is set to auto. However, if the application is signed by another tool, App Shielding must be configured to trust the correct signing certificate in the config.xml file. For more information, refer to the section on configuration options in the Integration Guide for Android.
Google Play
If you have enabled Play App Signing when uploading an app to Google Play, you must add the Google app-specific key to your App Shielding configuration file to avoid a repackaging detection.
Repackaging can also be triggered by the files that Google Play might inject into your application. In that case, you can use a Shielding Tool rules file to exclude those files from integrity checking. For more information, refer to the section on Shielding Tool rules in the Integration Guide for Android.
By default, the Shielding Tool already skips verification for the following files:
skipVerifyPath "res/xml/locales_config.xml";
skipVerifyPath "res/xml/splits0.xml";
skipVerifyPath "stamp-cert-sha256";
skipVerifyPath "stamp-cert-sha1";You might need to verify that other files are not being injected by Google Play, and, if they are, add them as exclusions to your rules file.
Google Play protection features
By design, App Shielding is not compatible with the native Google Play protection features, such as the Play Integrity API and Automatic Protection service. These features inject additional code into the application, which causes App Shielding to trigger a repackaging exception.
Therefore , it is not recommended to use either the Play Integrity API or Automatic Protection service. Compared to OneSpan Mobile Application Shielding, these provide lower security and are easily bypassed.
Amazon App Store
The Amazon App Store always re-signs your application; this step is not optional. Therefore, you must add the specific key for your application in the Amazon App Store to your App Shielding configuration file.
Similar to Google Play, the Amazon App Store also modifies your application’s files, which would trigger a repackaging event. To prevent this, you can use a set of built-in Shielding Tool rules to exclude these modifications from the integrity checking process. Simply add the following include directive to your rules file:
include "builtin:amazon-app-store-support.cfg";For reference, the amazon-app-store-support.cfg file has the following rules:
# Amazon App Store modifies these files
skipVerifyPath "classes*.dex";
# Amazon App Store injects these files
skipVerifyPath "com.amazon.*";
skipVerifyPath "kiwi";