Class: AppSecurityManager
The AppSecurityManager class provides an interface to check the security state of the application and the device. It acts as a wrapper around the internal app security service, exposing methods that determine if the app or the device is secure.
NoteIn order for the security checks to work as intended, you must set
appSecurityEnabledtotruein the agent configuration.
Overview
The AppSecurityManager class is responsible for:
-
App Security Check:
Determines if the application is running in a secure environment by checking factors such as whether the app is being run on an emulator, if the device is jailbroken, if the app is being debugged and debuggable or connected to a usb. -
Device Security Check:
Determines if the device itself is secure, such as verifying that the device is not an emulator.
Methods
isAppSecure()
-
Purpose:
Checks whether the application is secure by performing a series of internal security checks (emulator status, jailbreaking, debugging, charging state). -
Returns:
APromise.- On success, it returns
trueif the app is secure; otherwise,false.
- On success, it returns
-
Usage:
Call this method when you need to verify that the application environment is secure before executing sensitive operations.
isDeviceSecure()
-
Purpose:
Checks whether the device is secure. This is typically used to verify that the app is not running on an emulator. -
Returns:
APromise.- On success, it returns
trueif the device is secure; otherwise,false.
- On success, it returns
-
Usage:
Use this method to ensure that the application is running on a physical device rather than an emulator, which is often an indicator of a secure environment.
Example Usage
Below is an example of how to use the AppSecurityManager:
export const checkIsAppSecure = async (): Promise<void> => {
// Initialize the agent
agent = await initializeAgent();
if (!agent) {
throw new Error("Agent not initialized");
}
const isAppSecure = await agent.appSecurityManager.isAppSecure();
if (!isAppSecure.isSuccessful) {
console.error(`Error: ${result.error}`);
} else {
console.info("isAppSecure", isAppSecure.isSuccessful);
}
};
export const checkIsDeviceSecure = async (): Promise<void> => {
// Initialize the agent
agent = await initializeAgent();
if (!agent) {
throw new Error("Agent not initialized");
}
const isDeviceSecure = await agent.appSecurityManager.isDeviceSecure();
if (!isDeviceSecure.isSuccessful) {
console.error(`Error: ${result.error}`);
} else {
console.info("isDeviceSecure", isDeviceSecure.isSuccessful);
}
};
Summary
The AppSecurityManager provides a simple interface to verify both app and device security. By leveraging the underlying security service, it consolidates multiple security checks into two primary methods—isAppSecure() and isDeviceSecure(). Ensure that appSecurityEnabled is set to true in your agent configuration to activate these security measures.