epicsapis
Member
Hi, I am new here.
I want to build my first App with B4A but I have some security concerns.
My app will consume an API that have been already created. It has some security measures like OAuth etc... Now, I have read that is very easy to decompile an app and see the code, also I read that is possible to obfuscate the code to make it harder for the hackers and is possible to use something called Mobile App Attestation to make sure that the API only process request coming from my real app and not from another app/script/bot/whatever created by a hacker who knows the API endpoint found in the decompiled app.
Now, my questions are:
1) How can I do code obfuscation on B4A?
2) How can I do Mobile App Attestation on B4A?
3) Is there any other security measure that I should consider in the App side?
Hope you can help me on that.
Note: I have been web developer since 2010. I have NEVER created a mobile app in my life, sorry if those are basic things.
I want to build my first App with B4A but I have some security concerns.
My app will consume an API that have been already created. It has some security measures like OAuth etc... Now, I have read that is very easy to decompile an app and see the code, also I read that is possible to obfuscate the code to make it harder for the hackers and is possible to use something called Mobile App Attestation to make sure that the API only process request coming from my real app and not from another app/script/bot/whatever created by a hacker who knows the API endpoint found in the decompiled app.
Now, my questions are:
1) How can I do code obfuscation on B4A?
2) How can I do Mobile App Attestation on B4A?
3) Is there any other security measure that I should consider in the App side?
Hope you can help me on that.
Note: I have been web developer since 2010. I have NEVER created a mobile app in my life, sorry if those are basic things.
Last edited:
