Appdome Blog

Appdome’s TOTALCode™ Obfuscation Enables Choice and Complete App Protection, Without Accessing Source Code

February 15, 2018


Ask any developer and he/she will tell you that obfuscation of source code in a mobile app isn’t easy. He/she needs to decide what has to be obfuscated and modify the source code to “comply” with obfuscation techniques, coupled with limitations in choosing the programming languages, frameworks and build environments. To a developer, obfuscating an entire app’s source code always comes with additional and significant performance impact.

It’s important to note that there are parts of an app that cannot be obfuscated in the source code. For example, strings and secrets that point to external services, third-party SDK vendors, and language dependent constructs. These elements remain in the clear form and provide hackers with enough data to reverse engineer an app.

In addition, it requires major proficiency to obfuscate code without a third-party integration help. A developer thinks he has obfuscated the source code but an experienced hacker will “see right through it”.

So why the need for Code Obfuscation?

Code obfuscation helps to protect a mobile app’s internal logic, intellectual property, frameworks, language, and structure. It makes the “reading” of an app’s binary/compiled code difficult and impractical. It aims to confuse and frustrate hackers while they try to uncover how an app works.

Before Appdome, the only way to integrate code obfuscation was by compiling/adding/coding the obfuscation technique into an app’s source code.

What is TOTALCode Obfuscation?

Appdome's TOTALCode obfuscation obfuscates the entire app binary, protects workflows, business logic, secrets, strings and data constructs throughout the binary, without exposing the source code. There is no optimization needed to the source code, no change to app’s logic, and no impact on operation, performance or functionality. An entire app can be obfuscated, with no development effort, and just with a click of a button.

Benefits of TOTALCode Obfuscation:

  • Eliminates Obfuscation Tradeoffs
    Developers don’t need to make tradeoffs between securing their app, build environments and selection of services.
  • No performance and functionality impact
    Binary obfuscation, unlike source code obfuscation, works seamlessly within the app, with no impact on performance, usability and functionally.
  • Obfuscate third-party service implementations (SDKs)
    TOTALCode obfuscation protects third-party integration such as services, SDKs, and APIs into an app.
  • Obfuscate strings and secrets in the app
    The Achilles heel of all other obfuscation methods is strings and secrets contained in an app. If they are in clear text, the obfuscation is always reversible. TOTALCode obfuscation operates at the binary level, delivering obfuscation strength to strings and secrets.

Learn more about Appdome’s TOTALCode Obfuscation by opening a free Appdome account and try it for yourself!