How to Test Secured Android Apps on BitBar
Learn how to test Appdome-secured Android Apps using BitBar’s mobile testing suite. Automated testing of secured Android app helps developers and others rapidly deploy comprehensive mobile app security and fraud prevention with DevSecOps speed and agility. Appdome works with all leading mobile automation testing solutions to help customers achieve comprehensive mobile app security at DevSecOps speed and agility, all within the app’s existing application lifecycle.
Customers with an Appdome SRM license can use Appdome’s Build-to-Test service to quickly and easily test their Appdome-secured mobile apps by using BitBar, without the need for different Fusion Sets. With Appdome’s Build-to-Test service, Appdome’s in-app defense model recognizes the unique signature of these testing services and allows for easy testing without issuing a security alert or forcing the app to exit, even if these services use tools such as Magisk or Frida. For details, see How to Use Appdome Mobile App Automation Testing.
Testing on Android Apps
BitBar allows testing apps by using its Live Testing and Automation test suits. Both can be used to test Appdome-secured mobile apps.
The following table describes which Appdome protections may be triggered, why they are triggered, and how to avoid them (during the app build phase on Appdome).
| Appdome Feature | Reason | Behavior with Build2Test |
| Keylogging Prevention | To prevent unauthorized capture of keystrokes, which could include sensitive or personal information. | The app will detect keylogging attempts but will not crash, allowing continued testing. |
| Detect Unlocked Bootloader | To ensure the device has not been tampered with at a system level, which could compromise app integrity. | The app will detect an unlocked bootloader but will not crash, ensuring testing proceeds. |
| Detect Fake GPS App | To prevent the use of applications that can spoof geographical locations and potentially mislead app functions or tests. | The app will detect the usage of fake GPS apps but will continue running, allowing tests to be completed. |
| Detect Unknown Sources | To identify if apps are installed from unofficial or untrusted sources, increasing the risk of malicious software. | The app will detect installations from unknown sources but will not crash, facilitating ongoing testing. |
| Prevent Code Injection | To block unauthorized code injections that could alter app behavior or compromise data. | The app will detect code injection attempts but will continue to operate, permitting continued testing |
| Detect OS Remount | To detect unauthorized changes to the system files, which could indicate security vulnerabilities. | The app will recognize OS remounts but will not crash, allowing testing to progress without interruption. |
| Block Magisk | To detect and prevent the use of Magisk, a tool commonly used for rooting devices. | The app will detect Magisk but will not crash, ensuring tests can continue under controlled conditions. |
| Block KernelSU | Detects and prevents the use of KernelSU, a method used to gain elevated privileges on the device, potentially exposing the app to various attacks. | The app will detect KernelSU usage but will not crash, maintaining a seamless testing environment. |
Live App testing – Android
- Log in to your BitBar account. Alternatively, if you do not yet have an account, Create an account.
- Under Live Testing, click Start Mobile App Live Test.
- Select a device or a device group (shown on the right side) from the displayed list.
If you see only iOS devices while you want to test an Android app – scroll down. The list is sorted alphabetically by manufacturer, so Apple devices will probably appear first. Alternatively, you can use filters (on the left) to find a device matching your preferences.
After a device is selected, it is displayed on the screen. Various device-related options are displayed on the right, and an additional menu is displayed on the bottom left side.
- Click Files on the left-side menu, and then Upload or choose Files +.
A file library with the previously uploaded app files is displayed. - Select the app you would like to test, and then install and launch the selected app on the test device.
If you have not yet uploaded the test app, do so now by clicking the Upload File button at the top and then selecting it.
- Perform your tests manually.
- Click STOP when done.
The test session details will be displayed, and the test results will be available for later viewing under Live Testing > Test Results.
Automation App Testing – Appium Android Client Side
Automation App testing – Android Server Side
BitBar allows you to test your app by uploading your test code and running it on their cloud, using various automation frameworks such as Appium, Robot, and Selenium.
To test your app on the Android server side:
- After successfully building and signing your app on Appdome, log in to your BitBar account. Alternatively, if you do not yet have an account, Create an account.
- Under Automation, click Create Automated Test.
- Select Android as the target OS type.
- Use the Select a Frameworksection section to click Server Side (Appium and other frameworks).
- Use the Choose Files section to click on Click to choose or upload file and select your test app and the test code (.zip) from the displayed list.
If the app and the test code file are not in the displayed list, click Upload File, upload your test app and the test code .zip file, and then select both for testing.
- Use the Choose Devices section to select any of the following options:
- Use existing device group
Allows you to provide the name of the previously created device group. - Use chosen devices
This allows you to select the test device from the list of available devices. - Use currently idle devices
Allows you to let BitBar select test devices that are currently idle.
Slide the blue circle on the bar below to indicate the number of devices you want to include in the test.
- Use existing device group
- Click Create and run an automated test.
- When done, click on Go to results.
Troubleshooting Tips
Most automation test tools can typically be used in one of two modes: emulator mode and manual mode (specific terms may vary according to the testing tool). If you use the automation test tool in “emulator mode” instead of “manual mode,” the Appdome-secured application will not run on the device. This is expected because Appdome ONEShield protects apps from running on emulators/simulators. Instead, it would be best if you run the automation test tool manually.
Related Articles
- How to Use Appdome’s Build2Test Service
- How to Test Secured Android Apps on BrowserStack
- How to Test Secured iOS Apps on BrowserStack
- Test Appdome-secured Android Apps on Lambdatest
- How to Test Secured iOS Apps on Lambdatest
- How to Test Secured iOS Apps on SauceLabs
- How to Test Secured Android Apps on SauceLabs
If you have any questions, please send them our way at support.appdome.com or via the chat window on the Appdome platform.
Thank you!
Thanks for visiting Appdome! Our mission is to secure every app on the planet by making mobile app security easy. We hope we’re living up to the mission with your project.
