Thank you!
Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.
This knowledge base article shows you how easy it is to use Appdome Threat-Events™ to get in-app threat intelligence in Cordova Apps and control the user experience in your Cordova Apps when mobile attacks occur.
Appdome Threat-Events is a powerful threat-intelligence framework for Android & iOS apps, which is comprised of three elements: (1) a Threat-Event, (2) the data from each Threat-Event, and (3) the Threat-Score™.
With Threat-Events, mobile developers can register, listen to, and consume real-time attack and threat data from Appdome’s mobile app security, anti-fraud, mobile anti-bot, and other protections within their mobile applications. This allows them to (1) ensure that mobile application workflows are aware of attacks and threats, (2) customize business logic and user experience based on the user’s risk profile and/or each attack or threat presented, and (3) pass the threat data to other systems of record such as app servers, mobile fraud analysis systems, SIEMs, and other data collection points.
The purpose of Threat-Events is to enable Android and iOS applications to adapt and respond to mobile app attacks and threats in real-time. Using Threat-Events will ensure you keep users, data, and transactions safe.
Appdome Threat-Events can be used as a stand-alone implementation in Cordova Apps, or in combination with Threat-Scores. Threat-Events provide the mobile developer with the in-app notification of each attack or threat, as well as the metadata associated with the attack. Threat-Scores provide the mobile developer with the Threat-Event event score and the combined (aggregate) mobile end-user risk at the time of the notification.
The figure below shows where you can find Threat-Events and Threat-Scores for each of the runtime mobile app security, anti-fraud, anti-malware, mobile antibot, and other protections available on Appdome:
To enable Threat-Events with any runtime protection, select the check box next to Threat-Events for that feature. Doing so will enable (turn ON) Threat-Events for that feature. To enable Threat-Scores for any runtime protection, click the up/down arrow associated with Threat-Scores to assign a specific score to each protection.
Threat-Scores must have a value greater than zero (0) and less than a thousand (1,000).
Threat-Events and Threat-Scores can be used with or in place of server-based mobile anti-fraud solutions.
Here’s what you need to use Threat-Events with Cordova Apps.
Before consuming Threat-Events or Threat-Scores in your React Cordova Apps, confirm that the following conditions are met:
Below is the code snippet required for using Threat-Events™ and Threat-Scores™ in Cordova Apps:
window.broadcaster.addEventListener("BlockedClipboardEvent", function(userInfo) {
console.log("BlockedClipboardEvent received! userInfo: " + JSON.stringify(userInfo) );
// "true" or "false"
var clipboardBlocked = userInfo.blocked;
// Android Only, will not be populated in iOS Apps
// "copy", "paste", "cut", "selectAll" or "unknown"
var action = userInfo.action;
// The message specified in the fusion set
var defaultMessage = userInfo.defaultMessage;
// UNIX timestamp of detection
var timeStamp = userInfo.timestamp;
// Unique device identifier
var deviceID = userInfo.deviceID;
// Mobile device model
var deviceModel = userInfo.deviceModel;
// Mobile device OS version
var osVersion = userInfo.osVersion;
// Kernel information
var kernelInfo = userInfo.kernelInfo;
// Mobile device manufacturer
var deviceManufacturer = userInfo.deviceManufacturer;
// Build ID
var fusedAppToken = userInfo.fusedAppToken;
// Carrier identity number (PLMN code)
var carrierPlmn = userInfo.carrierPlmn;
// Android Only context keys, will not be populated in iOS apps
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
window.broadcaster.addEventListener("BlockedKeyboardEvent", function(userInfo) {
console.log("BlockedKeyboardEvent received! userInfo: " + JSON.stringify(userInfo) )
// "true" or "false"
var keyboardBlocked = userInfo.blocked;
// Package of the keyboard
var keyboard = userInfo.keyboard;
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
// Android Only context keys, will not be populated in iOS apps
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
window.broadcaster.addEventListener("SslCertificateValidationFailed", function(userInfo) {
console.log("SslCertificateValidationFailed received! userInfo: " + JSON.stringify(userInfo) );
// A detailed message describing the detection
var threatEventDetailedMessage = userInfo.DeveventDetailedErrorMessage;
// The host that triggered the detection
var host = userInfo.host ;
// The certificate sha1 fingerprint
var certificateSHA1 = userInfo.certificateSHA1 ;
// The certificate CN (common name)
var certificateCN = userInfo.certificateCN ;
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
// Android Only context keys, will not be populated in iOS apps
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
window.broadcaster.addEventListener("SslNonSslConnection", function(userInfo) {
console.log("SslNonSslConnection received! userInfo: " + JSON.stringify(userInfo) );
// A detailed message describing the detection
var threatEventDetailedMessage = userInfo.DeveventDetailedErrorMessage;
// The host that triggered the detection
var host = userInfo.host;
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
// Android Only context keys, will not be populated in iOS apps
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
window.broadcaster.addEventListener("SslServerCertificatePinningFailed", function(userInfo) {
console.log("SslServerCertificatePinningFailed received! userInfo: " + JSON.stringify(userInfo) );
// A detailed message describing the detection
var threatEventDetailedMessage = userInfo.DeveventDetailedErrorMessage;
// The host that triggered the detection
var host = userInfo.host ;
// The certificate sha1 fingerprint
var certificateSHA1 = userInfo.certificateSHA1 ;
// The certificate CN (common name)
var certificateCN = userInfo.certificateCN ;
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
// Android Only context keys, will not be populated in iOS apps
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
window.broadcaster.addEventListener("SslIncompatibleCipher", function(userInfo) {
console.log("SslIncompatibleCipher received! userInfo: " + JSON.stringify(userInfo) );
// The host that triggered the detection
var host = userInfo.host;
// The Incompatible Cipher Id
var IncompatibleCipherId = userInfo.IncompatibleCipherId;
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
// Android Only context keys, will not be populated in iOS apps
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
window.broadcaster.addEventListener("SslIncompatibleVersion", function(userInfo) {
console.log("SslIncompatibleVersion received! userInfo: " + JSON.stringify(userInfo) );
// The host that triggered the detection
var host = userInfo.host;
// The Incompatible SSL/TLS version
var IncompatibleSslVersion = userInfo.IncompatibleSslVersion;
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
// Android Only context keys, will not be populated in iOS apps
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
window.broadcaster.addEventListener("SslInvalidCertificateChain", function(userInfo) {
console.log("SslInvalidCertificateChain received! userInfo: " + JSON.stringify(userInfo) );
// A detailed message describing the detection
var threatEventDetailedMessage = userInfo.DeveventDetailedErrorMessage;
// The host that triggered the detection
var host = userInfo.host ;
// The certificate sha1 fingerprint
var certificateSHA1 = userInfo.certificateSHA1 ;
// The certificate CN (common name)
var certificateCN = userInfo.certificateCN ;
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
// Android Only context keys, will not be populated in iOS apps
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
// BlockedScreenCaptureEvent will be dispatched only for iOS
window.broadcaster.addEventListener("BlockedScreenCaptureEvent", function(userInfo) {
console.log("BlockedScreenCaptureEvent received! userInfo: " + JSON.stringify(userInfo) );
// Description of capture method detected
var context = userInfo.context;
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
//
// Respond to mobile app attacks and threats here
//
});
window.broadcaster.addEventListener("UrlWhitelistFailed", function(userInfo) {
console.log("UrlWhitelistFailed received! userInfo: " + JSON.stringify(userInfo) );
// The host that triggered the detection
var host = userInfo.host;
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
// Android Only context keys, will not be populated in iOS apps
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
window.broadcaster.addEventListener("SslInvalidMinRSASignature", function(userInfo) {
console.log("SslInvalidMinRSASignature received! userInfo: " + JSON.stringify(userInfo) );
// A detailed message describing the detection
var threatEventDetailedMessage = userInfo.DeveventDetailedErrorMessage;
// The host that triggered the detection
var host = userInfo.host ;
// The certificate sha1 fingerprint
var certificateSHA1 = userInfo.certificateSHA1 ;
// The certificate CN (common name)
var certificateCN = userInfo.certificateCN ;
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
// Android Only context keys, will not be populated in iOS apps
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
window.broadcaster.addEventListener("SslInvalidMinECCSignature", function(userInfo) {
console.log("SslInvalidMinECCSignature received! userInfo: " + JSON.stringify(userInfo) );
// A detailed message describing the detection
var threatEventDetailedMessage = userInfo.DeveventDetailedErrorMessage;
// The host that triggered the detection
var host = userInfo.host ;
// The certificate sha1 fingerprint
var certificateSHA1 = userInfo.certificateSHA1 ;
// The certificate CN (common name)
var certificateCN = userInfo.certificateCN ;
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
// Android Only context keys, will not be populated in iOS apps
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
window.broadcaster.addEventListener("SslInvalidMinDigest", function(userInfo) {
console.log("SslInvalidMinDigest received! userInfo: " + JSON.stringify(userInfo) );
// A detailed message describing the detection
var threatEventDetailedMessage = userInfo.DeveventDetailedErrorMessage;
// The host that triggered the detection
var host = userInfo.host ;
// The certificate sha1 fingerprint
var certificateSHA1 = userInfo.certificateSHA1 ;
// The certificate CN (common name)
var certificateCN = userInfo.certificateCN ;
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
// Android Only context keys, will not be populated in iOS apps
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
// JailbrokenDevice will be dispatched only for iOS
window.broadcaster.addEventListener("JailbrokenDevice", function(userInfo) {
console.log("JailbrokenDevice received! userInfo: " + JSON.stringify(userInfo));
// Opaque identifier of root detection method
var internalError = userInfo.internalError;
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
// RootedDevice will be dispatched only for Android
window.broadcaster.addEventListener("RootedDevice", function(userInfo) {
console.log("RootedDevice received! userInfo: " + JSON.stringify(userInfo));
// Opaque identifier of root detection method
var internalError = userInfo.internalError;
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
// UnknownSourcesEnabled will be dispatched only for Android
window.broadcaster.addEventListener("UnknownSourcesEnabled", function(userInfo) {
console.log("UnknownSourcesEnabled received! userInfo: " + JSON.stringify(userInfo));
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
// DeveloperOptionsEnabled will be dispatched only for Android
window.broadcaster.addEventListener("DeveloperOptionsEnabled", function(userInfo) {
console.log("DeveloperOptionsEnabled received! userInfo: " + JSON.stringify(userInfo));
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
} );
// BannedManufacturer will be dispatched only for Android
window.broadcaster.addEventListener("BannedManufacturer", function(userInfo) {
console.log("BannedManufacturer received! userInfo: " + JSON.stringify(userInfo) );
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
// Only when ONEShield Threat Event are enabled
window.broadcaster.addEventListener("AppIntegrityError", function(userInfo) {
console.log("AppIntegrityError received! userInfo: " + JSON.stringify(userInfo) );
// The detected tampered component
var reason = userInfo.reason;
var defaultMessage = userInfo.defaultMessage;
var timeStamp = userInfo.timestamp;
var deviceID = userInfo.deviceID;
var deviceModel = userInfo.deviceModel;
var osVersion = userInfo.osVersion;
var kernelInfo = userInfo.kernelInfo;
var deviceManufacturer = userInfo.deviceManufacturer;
var fusedAppToken = userInfo.fusedAppToken;
var carrierPlmn = userInfo.carrierPlmn;
// Android Only context keys, will not be populated in iOS apps
var deviceBrand = userInfo.deviceBrand;
var deviceBoard = userInfo.deviceBoard;
var buildHost = userInfo.buildHost;
var buildUser = userInfo.buildUser;
var sdkVersion = userInfo.sdkVersion;
//
// Respond to mobile app attacks and threats here
//
});
Cordova does not provide an out-of-the-box method to exchange messages between javascript and native code (LocalBroadcastManager for Android and NSNotificationCenter for iOS ). Cordova apps can register to receive ThreatEvents by adding the Cordova plugin cordova-broadcaster. For further on how to add the Cordova plugins, see Cordova documentation about cordova plugin command.
After the cordova-broadcaster plugin has been added to the project, the app can register for a ThreatEvent by using the Cordova plugin interface to call the method addEventListner:
window.broadcaster.addEventListener(<ThreatEvent Name>, <ThreatEvent Handler Method>)
.
Note:
This plugin is cross-platform, so the code above applies to both Android & iOS.
Since the Cordova plugin cordova-broadcaster uses LocalBroadcastManager to register a BroadcastReceiver when using the syntax in the code sample above, no changes required to make the app compatible with Android 14.
Below is the list of metadata that can be associated with each mobile application Threat-Event and Threat-Score in Cordova Apps.
Threat-Event Context Keys | |
---|---|
message | Message displayed for the user on event |
failSafeEnforce | Timed enforcement against the identified threat |
externalID | The external ID of the event which can be listened via Threat Events |
osVersion | OS version of the current device |
deviceModel | Current device model |
deviceManufacturer | The manufacturer of the current device |
fusedAppToken | The task ID of the Appdome fusion of the currently running app |
kernelInfo | Info about the kernel: system name, node name, release, version and machine. |
carrierPlmn | PLMN of the device. Only available for Android devices. |
deviceID | Current device ID |
reasonCode | Reason code of the occurred event |
buildDate | Appdome fusion date of the current application |
devicePlatform | OS name of the current device |
carrierName | Carrier name of the current device. Only available for Android. |
updatedOSVersion | Is the OS version up to date |
deviceBrand | Brand of the device |
deviceBoard | Board of the device |
buildUser | Build user |
buildHost | Build host |
sdkVersion | Sdk version |
timeZone | Time zone |
deviceFaceDown | Is the device face down |
locationLong | Location longitude conditioned by location permission |
locationLat | Location latitude conditioned by location permission |
locationState | Location state conditioned by location permission |
wifiSsid | Wifi SSID |
wifiSsidPermissionStatus | Wifi SSID permission status |
Some or all of the meta-data for each mobile application Threat-Event and Threat-Score can be consumed in Cordova Apps at the discretion of the mobile developer and used, in combination with other mobile application data, to adapt the business logic or user experience when one or more attacks or threats are present.
Conditional Enforcement is an extension to Appdome’s mobile application Threat-Event framework. By using conditional enforcement, developers can control when Appdome enforcement of each mobile application protection takes place or invoke backup, failsafe, and enforcement to any in-app enforcement used by the mobile developer.
For more information on using conditional enforcement with your Threat-Event implementation, please contact support@appdome.com.
After you have implemented the required Threat-Event code in your Cordova Apps, you can confirm that your Threat-Event implementation(s) is properly recognized by the Appdome protections in the Cordova Apps. To do that, review the Certified Secure™ DevSecOps certificate for your build on Appdome.
In the Certified Secure DevSecOps certificate, a correct implementation of Threat-Events in your mobile application looks as seen below.
In the Certified Secure DevSecOps certificate, an incorrect implementation of Threat-Events in your mobile application looks as seen below.
For information on how to view and/or retrieve the Certified Secure DevSecOps certification for your mobile application on Appdome, please visit the knowledge base article Using Certified Secure™ Android & iOS Apps Build Certification in DevOps CI/CD.
If you have specific questions about implementing Threat-Events or Threat-Scores in Cordova Apps, fill out the inquiry form on the right-hand side of this knowledge base article or contact support@appdome.com.. That is it – Enjoy Appdome with Threat-Events™ in your app!
Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.