How to Test Appdome-Secured Android Apps on SauceLabs

Last updated September 17, 2024 by Appdome

Appdome works with all leading mobile automation testing solutions to help customers achieve comprehensive mobile app security at DevSecOps speed and agility, all within the app’s existing application lifecycle.

This Knowledge Base article provides instructions on learning how to test Appdome-Secured Android Apps by using the SauceLabs automation test platform for DevSecOps.

Use Appdome’s Build2Test Service(Recommended)

Customers with an Appdome SRM license can use Appdome’s Build2Test service to quickly and easily test their Appdome-secured mobile apps by using SauceLabs without the need for different Fusion Sets. With Appdome’s Build2Test service, Appdome’s in-app defense model recognizes the unique signature of these testing services and allows for easy testing without issuing a security alert or forcing the app to exit, even if these services use tools such as Magisk or Frida. For details, see How to Use Appdome Mobile App Automation Testing.

General

SauceLabs allows testing apps by using its Live and Automation testing suits. Both can be used to test Appdome-secured mobile apps.

The following table describes which Appdome protection features may be triggered and the reason why.

Appdome Feature Reason Behavior with Build2Test
Detect App is Debuggable SauceLabs signs the app as debuggable upon installation. The app will acknowledge the debuggable state but will continue operating normally during the testing process.
Detect Developer Options Required to interact with the device The app will detect this but will not crash, allowing testing to continue.
Block Android Debug Bridge (ADB) Required to interact with the device The app will detect ADB usage but will not crash, ensuring smooth testing.
Prevent App Screen Sharing SauceLabs performs screen recording, so if this feature is enabled, all test videos will show a black screen. The app will recognize the screen recording but will continue running without crashing.
Prevent Keystroke Injection SauceLabs uses adb command to enter text. The app will detect the use of keystroke injection but will continue running without crashing, allowing for uninterrupted testing.
Keylogging Prevention Testing scripts that simulate inputs in a way that resembles keylogging might trigger this feature. The app will detect potential keylogging behavior but will not crash.
Detect OS Remount To detect unauthorized changes to the system files, which could indicate security vulnerabilities. The app will recognize OS remounts but will not crash, allowing testing to progress without interruption.
Detect Fake GPS App To prevent the use of applications that can spoof geographical locations and potentially mislead app functions or tests The app will detect the usage of fake GPS apps but will continue running, allowing tests to be completed.
Block GameGuardian Prevents unauthorized game manipulation and cheating. Build2Test ensures that the app blocks GameGuardian attempts while allowing testing to continue.

 

Live Mobile App Testing – Android

To initiate Live App test of your test app in Saucelabs:
  1. After successfully building and signing your app on Appdome, log in to your Saucelabs account. Alternatively, if you do not yet have an account, create an account.
    Note:

    For .aab app types, please refer to section Automate App testing – Android before building the app on Appdome.
  2. On the left sidebar, select App Management.
    If you see an option to select 
    between devices on a Virtual Cloud and Real Devices, select Real Devices.
    Appmanagement 12png 1
    list of your apps will be displayed.
    If you have not uploaded any app before, the list will be empty.

    If your test app does not appear in the above list, you can upload it by dragging the app, or by clicking choose file.
    Appmanagement 12png 1
  3. After you upload your test app, hover your mouse or cursor over it to display the Settings and App Versions option.
    Settings And App Versions3
  4. Click Settings and App Versions.
  5. Disable Instrumentation and Image Injection, thus preventing Saucelabs from re-signing the app.
  6. Click App Management.
    Appmanagementtab
  7. Hover your mouse or cursor over the app to display the Start Test option.
  8. Click Start Test to select the test device.
    Starttestbutton.5
  9. Select an available test device from the displayed list and click Launch.
    This will start a manual test of the uploaded app on the selected device.
    Selectedandroiddevice
    To see live device logs, click Log on the menu on the right.
    Logmenuright
  10. When Done, click STOP on the right menu.

If you want to test using Appium, check out the SauceLabs Appium Wiki.

Automate App testing – Android

The following Appium capabilities, which are being used in the automation test code, can also trigger protection features:

SauceLabs Specific Appium Capability Reason
networkCapture Saucelabs will re-sign the app
resigningEnabled Saucelabs will re-sign the app
saucelaLabsImageInjectionEnabled Saucelabs will re-sign the app
saucelaLabsBypassScreenshotsRestriction Saucelabs will re-sign the app

Note:

To avoid app re-signing by Saucelabs, it is required to disable the Instrumentation and Image Injection feature on Saucelabs cloud.
For additional measures to take during app build on Appdome, see above sections General and Testing .aab apps.

Related Articles:

How Do I Learn More?

If you have any questions, please send them our way at support.appdome.com or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project.

Appdome

Want a Demo?

Test Secured Mobile Apps

AlanWe're here to help
We'll get back to you in 24 hours to schedule your demo.