HMS Core Safety Detect Kit Helps Developers Build Trustworthy Apps

HMS Core Safety Detect Kit is a multi-feature security detection service that allows developers to quickly build advanced security capabilities for their apps by utilizing the Trusted Execution Environment (TEE) on Huawei phones, thereby enabling developers to focus on app development. Currently, Safety Detect offers four features: SysIntegrity (system integrity check), UserDetect (fake user detection), AppsCheck (app security check), and URLCheck (malicious URL check). With these features, developers can quickly check whether a device their app is running on is rooted, unlocked, or has escalated privileges, and thus determine whether to restrict their apps’ behavior to protect user privacy and property.

SysIntegrity

SysIntegrity can check whether the user’s device is rooted, unlocked, or has escalated privileges, and thus help developers evaluate whether to restrict their apps’ behavior to avoid information leakage or financial loss of the user during user actions such as making an online payment or sending an email.

A unique advantage of SysIntegrity is its integration with the TEE service. Huawei phones running EMUI 9.0 or later are equipped with a TEE that features a proprietary microkernel — the first of its kind in the industry — and which has achieved CC EAL 5+ certification. The TEE allows apps with SysIntegrity integrated to be run in an isolated environment to ensure maximum security protection at all times.

UserDetect

How can fake operations such as game bots, activity bonus hunting, and malicious spamming be prevented? UserDetect can identify spoof devices based on the device signature and identifier, and identify environment risks such as rooted devices, simulators, VMs, device change tools, and anonymous IP addresses. It can also identify fake users based on screen touch and sensor behavior, as well as prevent batch registration, credential stuffing attacks, bonus hunting, and content crawlers through the use of CAPTCHA. All these features help developers provide a secure app experience for users.

AppsCheck

AppsCheck can help check for malicious apps on user devices. After AppsCheck is integrated into an app, the app will be able to obtain a list of malicious apps on the user’s device. The developer can then evaluate the risks and either warn the user about such risks or prompt the user to exit the app. In tests performed by three of the world’s largest antivirus companies, AppsCheck was able to detect malicious apps with an accuracy of 99%.

URLCheck

URLCheck allows apps to quickly check whether a URL that a user wants to visit is a malicious one, such as one that will download a virus or Trojan onto the user’s device, without affecting app performance or user experience. Developers can easily integrate URLCheck into their apps to provide users with a secure Internet browsing experience.

Quick Integration

Developers can easily integrate the four features of Safety Detect into their apps, with one API for each feature. Please visit the HUAWEI Developers website for a step-by-step integration guide and other related resources. You can also send an email to us at hmscore@huawei.com for further technical assistance.

In the future, Huawei will continue to invest in security and privacy protection to help developers build secure apps and jointly construct an all-encompassing security ecosystem.

For more information about Safety Detect, please visit its official website: https://developer.huawei.com/consumer/en/hms/huawei-safetydetectkit/