
Anti-virus scanning

Kobiton wants to help you create secure applications to fully support testing purposes. To that end, we've created a security review process to protect Kobiton users while they use our remote devices. Once a testing application is uploaded, either from the Kobiton App Repository or in a single manual test session, we assess the security of all parts of your application. Anti-virus scanning applies in the following cases:

  1. Binary files downloaded from the Internet. For example, the user starts a Manual session and uses the Google Chrome browser to download a file; Kobiton scans the file for viruses first, then transfers it to the device if no virus or security threat (such as malware) is found. Otherwise, the Chrome browser receives an error from Kobiton virus scanning saying the file can't be served due to a virus threat.

  2. Application files (.apk, .ipa) installed to the device through either the Apps Repository or ad-hoc files (uploaded by the user or from an external URL). These files are scanned by App-Ray, Kobiton's security partner, to identify vulnerabilities.

Apps that appear suspicious or show high-risk behaviour that could impact Kobiton devices cannot be installed and will be blocked by App-Ray for security purposes. You can, however, request to bypass the anti-virus scanning if the uploaded application causes no harm to the Kobiton system.

To improve the user experience and save time on anti-virus submissions, we now support bypassing anti-virus scanning of high-risk applications for both Trial and Business accounts at the entire Organization level. In other words, once a Bypass scanning request is approved by the Kobiton security team, App-Ray scanning is turned off for all your uploaded applications.

Note

For Trial accounts, we strongly recommend contacting sales in order to shut off scanning for the ENTIRE Organization.

Kobiton major security threats

Below is the list of threat types for which an app will be blocked once detected:

Note

If the application is detected with high-risk behaviour, it will be blocked within 2 days, which allows Business subscription users to keep testing while waiting for anti-virus scanning approval from the security team. For Trial subscription users, however, the application is removed immediately.

| Threat type | Threat description | Severity | Requires Kobiton approval |
|---|---|---|---|
| BINARY_BUSYBOX | The app accesses the busybox binary | High | Yes |
| BINARY_SU | The app accesses the su binary | High | Yes |
| DEVICEADMIN | The app contains a Broadcast Receiver that can acquire device admin rights | High | Yes |
| FACTORYTEST | The app has the FACTORY_TEST permission set | High | Yes |
| VIRUS | Virus scanners recognize this as malicious | High | Yes |
| INITIATE_PHONECALLS | The app can silently initiate phone calls | High | Yes |
| READ_LOGS | The app is able to read the system log files | High | Yes |
| READ_TASKS | The app checks which other applications are running | High | Yes |
| SEND_SMS | The app can silently send SMS | High | Yes |
| SQL_FLAW | Potential SQL injections found in x places | High | Yes |
| ACCESS_FILES_OTHER_APP | This app accesses files of another app | Minor | No |
| ADS_DYNAMIC | x ad servers are contacted | Minor | No |
| ADS_STATIC | x ad libraries are referenced | Minor | No |
| AUTOSTART | The app can start automatically when the device is booted | Minor | No |
| BACKUP_ALLOWED | Backup is allowed | Minor | No |
| BACKUP_SELFIMPLEMENTED | App handles Android backups | Minor | No |
| BLUETOOTH_ADMIN | The app uses Bluetooth and may initiate device discovery | Minor | No |
| BLUETOOTH_USED | The app uses Bluetooth | Minor | No |
| CAMERA_USED | The app uses the camera | Minor | No |
| CAPABILITYLEAK | x capability leaks detected | Minor | No |
| CONTACTS_READ | The app can read contact data | Minor | No |
| CONTACTS_WRITE | The app can write contact data | Minor | No |
| CRYPTO_SIGNING_KEYLENGTH_LOW | Signature key length less than 1024 bits | Minor | No |
| DATAFLOW_STATIC | Static data leakage detected | Minor | No |
| DEBUGGABLE | Debuggable flag set. Sensitive information might be accessible | Minor | No |
| DISABLE_KEYGUARD | The app can silently unlock the screen | Minor | No |
| DYNAMICCODE | This app loads code dynamically | Minor | No |
| FINGERPRINTING | The app can fingerprint the runtime environment | Minor | No |
| FRAMEBUFFER | The app has access to the framebuffer | Minor | No |
| HTTP_COMMUNICATION_DYNAMIC | The app communicates over HTTP | Minor | No |
| HTTP_COMMUNICATION_STATIC | The app communicates over HTTP | Minor | No |
| LEFTKEY | The app contains x access keys to web services or APIs | Minor | No |
| LOCATION_COARSE | The app accesses your coarse location | Minor | No |
| LOCATION_GPS | The app accesses your GPS location | Minor | No |
| LOCATION_WIFISTATE | The app accesses your wifi state which can potentially leak your location | Minor | No |
| MISSING_TAPJACKING_PROTECTION | Missing TapJacking protection | Minor | No |
| NATIVELIBS | This app contains native executables | Minor | No |
| NESTEDAPK_ACCESSED | App-Ray cached a possible Apk file that was accessed at runtime, download | Minor | No |
| NESTEDAPK_CONTAINED | The app's APK contains one or more nested APKs | Minor | No |
| OVERPERMISSIVE | x permissions are requested but might not be required | Minor | No |
| PASSWORD_READ | The app reads account passwords | Minor | No |
| PAYMENT_STATIC | The app contains the following in-app payment libraries: x | Minor | No |
| PROFILE_READ | The app can read user profiles | Minor | No |
| PROFILE_WRITE | The app can write user profiles | Minor | No |
| READ_EXTERNAL_STORAGE | The app can read the contents of the SD card | Minor | No |
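
A pre-upload check against the threat types listed above, as an added example that is not Kobiton or App-Ray code: it reads a decoded AndroidManifest.xml and predicts which of those findings the manifest alone could trigger, so a team knows before uploading whether a bypass request is likely to be needed. The permission-to-threat mapping, the function names and the sample manifest are assumptions made for illustration; App-Ray's actual detection rules are not described on this page.

```python
import xml.etree.ElementTree as ET

ANDROID = "{http://schemas.android.com/apk/res/android}"

# Assumed mapping (not App-Ray's rules): manifest permission -> (threat type, severity)
PERMISSION_THREATS = {
    "android.permission.FACTORY_TEST": ("FACTORYTEST", "High"),
    "android.permission.READ_LOGS": ("READ_LOGS", "High"),
    "android.permission.GET_TASKS": ("READ_TASKS", "High"),
    "android.permission.SEND_SMS": ("SEND_SMS", "High"),
    "android.permission.CALL_PHONE": ("INITIATE_PHONECALLS", "High"),
    "android.permission.CAMERA": ("CAMERA_USED", "Minor"),
    "android.permission.READ_CONTACTS": ("CONTACTS_READ", "Minor"),
}

# Constructed sample: a decoded (text) manifest, not the binary XML stored inside an APK
SAMPLE_MANIFEST = """<manifest xmlns:android="http://schemas.android.com/apk/res/android"
          package="com.example.demo">
  <uses-permission android:name="android.permission.SEND_SMS"/>
  <uses-permission android:name="android.permission.CAMERA"/>
  <uses-permission android:name="android.permission.INTERNET"/>
  <application android:debuggable="true" android:allowBackup="true">
    <receiver android:name=".AdminReceiver"
              android:permission="android.permission.BIND_DEVICE_ADMIN"/>
  </application>
</manifest>"""

def predict_threats(manifest_xml):
    """Return sorted (threat_type, severity) pairs the manifest could trigger."""
    root = ET.fromstring(manifest_xml)
    found = set()
    for perm in root.iter("uses-permission"):
        hit = PERMISSION_THREATS.get(perm.get(ANDROID + "name"))
        if hit:
            found.add(hit)
    # A receiver guarded by BIND_DEVICE_ADMIN is how an app requests device admin rights
    for receiver in root.iter("receiver"):
        if receiver.get(ANDROID + "permission") == "android.permission.BIND_DEVICE_ADMIN":
            found.add(("DEVICEADMIN", "High"))
    app = root.find("application")
    if app is not None:
        if app.get(ANDROID + "debuggable") == "true":
            found.add(("DEBUGGABLE", "Minor"))
        # android:allowBackup defaults to true when the attribute is absent
        if app.get(ANDROID + "allowBackup", "true") == "true":
            found.add(("BACKUP_ALLOWED", "Minor"))
    return sorted(found)

def needs_bypass_request(manifest_xml):
    """True when any predicted finding is High, the tier that requires approval."""
    return any(severity == "High" for _, severity in predict_threats(manifest_xml))
```

Findings such as VIRUS, SQL_FLAW or BINARY_SU depend on code and runtime analysis and cannot be predicted from the manifest, so a clean result here does not guarantee a clean scan.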

How to request bypass approval for risk apps

A. From Apps repository

  1. Go to the Apps tab on the Kobiton portal website.

  2. Select "Click to add new app" to add the expected application.

  3. Refresh the page and observe the security status located at the top-left corner of the app.

  4. Select the app with "High risk" status.

    [Screenshot: AppsStatus]

  5. Select "View security risks" from the drop-down list located at the top-right corner of the app.

    [Screenshot: ViewSecurityRisk]

  6. Fill in all required information in the "Submit bypass request" form, then click "Request to bypass".

    [Screenshot: BypassingRequestForm]

  7. An email notification will be sent to the email address associated with your account once the application is approved. The application status in the Kobiton Apps Repository is as below.

    [Screenshot: OrgApproval]

B. From manual test session

  1. Launch any expected device from the Devices tab on the Kobiton portal website.

  2. Go to the APPS tab and click "Choose file".

  3. Select the expected application. An error message is displayed if the application is detected to be suspicious.

  4. Click "View Detail" on the error message.

    [Screenshot: ViewDetailInTestSession]

  5. Fill in all required information in the "Submit bypass request" form, then click "Request to bypass".

  6. After the bypass request is sent, your uploaded application is available in the Kobiton Apps Repository with "Security approval pending" status.

  7. An email notification will be sent to the email address associated with your account once the application is approved.

  8. Launch a test session again; your uploaded application is now available from the Apps Repository.

Note

Any other versions of the added applications (applies to Trial and Business users only) will be approved to bypass anti-virus scanning once the associated account is approved at Organization level.
