Comprehensive security system in AppGallery
During the annual Huawei Developer Conference (HDC) from 22–24 October 2021, Huawei experts introduced the comprehensive security system in AppGallery.
AppGallery has developed a comprehensive security assurance system that consists of developer real-name authentication, exclusive four-layer malicious App detection, download and installation assurance, and running protection. The system runs through the entire process of app development, release, download, installation, and running.
Developer Real-Name Authentication Ensures User Privacy & Security
Huawei AppGallery prevents malicious applications that may infringe user privacy or steal user property. It filters out applications that may bring security risks to users and provides them with a secure application access experience.
Huawei AppGallery also implements developer real-name authentication. All on-premises developers must pass strict real-name authentication to filter out third-party apps whose sources are unknown and reduce application security risks.
Four-Layer Malicious App Detection System to Ensure User Privacy
All AppGallery apps need to pass a quadruple safety test to be eligible for release. AppGallery protects against malicious apps that may infringe user privacy or steal user property. Through careful selection and strict testing, AppGallery rejects apps that may pose security risks to users, providing users with a secure app acquisition experience.
The first layer of the four-layer protection includes malicious behaviour detection which focuses on detecting viruses, Trojan horses, malicious fee deduction, and malicious traffic consumption. To handle large numbers of app release requests, AppGallery uses SecDroid, a cloud-based automatic scanning platform that works with multiple well-known antivirus engines in the industry to detect viruses across Android packages (APKs). In addition, SecDroid uses sandbox-based dynamic execution technology and static feature analysis technology to detect and analyse sensitive behaviour, such as malicious billing, excessive traffic consumption, and malicious tampering of personal information.
The second layer is security vulnerability scanning, which combines dynamic and static scanning for security vulnerabilities, greatly reducing the probability of vulnerabilities or backdoors in apps. The scan covers tens of analysis and detection aspects, including the security of components and data, excessive traffic consumption, insecure command execution, analysis of APKs for potential vulnerabilities, and more.
The third layer is the privacy breach inspection, which aims to prevent apps from invoking, collecting, transmitting, or using sensitive user data, such as the address book and photo library, without users’ authorisation or disregarding existing legal grounds. Both static and dynamic privacy analysis covers security vulnerabilities such as detection of corruption and breach points, identifying common issues such as key leakage, dangerous functions, and insecure algorithms. Filter criteria (such as suffix and type) are then set for refined control over scanned objects to determine the exact match locations and contexts as well as highlight the matched contents.
The final and fourth check passes through the manual recheck phase, in which a dedicated security team tests the apps in real-world scenarios to ensure compatibility, safety, as well as reliability to ensure users have the best app experience before it is released on AppGallery.
Download and Installation Assurance
AppGallery protects against malicious apps that may infringe user privacy or steal user property. Through careful selection and strict testing, AppGallery rejects apps that may pose security risks to users, providing users with a secure app acquisition experience.
Integrity check: The SHA256 information digest algorithm is used to verify the integrity of an app installation package by checking the consistency between the digest value of the uploaded installation package and of the downloaded installation package. App installation packages that are uploaded in blocks are verified in real time during download. An app installation package that is uploaded as a whole is verified after download.
Signature verification: Only apps with complete developer signatures can be installed in EMUI. App signatures can be used to verify the integrity and legitimacy of the source of apps. The system verifies the signature of an app to check whether it has been tampered with before installing the app. Apps that fail this verification cannot be installed. The system also verifies app signatures before updating pre-installed or user-installed apps. Such an app can only be updated when the signature of the updated version is the same as the existing signature. This prevents malicious apps from replacing existing verified ones through updates.
Threat detection: Security risks may exist in apps due to unknown third parties, and downloading apps from unverified sources may bring with them malicious security threats. It is recommended that default security settings be retained to prevent unnecessary risks. EMUI has an industry-leading built-in antivirus engine, which is used to detect viruses in user-installed apps. The system supports local and online virus scanning and removal, to ensure that app risks are identified regardless of whether user devices are connected to the Internet. The antivirus engine can scan viruses during app installation and in the backend. Once a virus is detected, a risk warning is displayed, prompting users to handle the virus.
AI security defense: EMUI provides a hardware-based AI computing platform for device security protection. It has a built-in industry-leading AI antivirus engine encompassing a security defense-oriented AI model that is built upon deep learning and training. EMUI observes the behaviour of unknown app software in real time to identify new viruses, new variants of existing viruses, and dynamic loading of malicious programs, and runs the AI model on devices to analyze the activity sequence of unknown software. This quickly and effectively detects threats and improves app threat detection capabilities. Once a malicious app is detected using AI security defense, the system will immediately generate a warning to prompt the user to handle the app. (This function is available only for certain chip models.)
Download and Installation Assurance
App sandbox: EMUI provides an app sandbox mechanism which enables all apps to run in isolation within the sandbox to ensure runtime security. When an app is installed, the system allocates a private storage directory to the app, which cannot be accessed by other apps, ensuring static data security. The sandbox isolation technology protects the system and apps against attacks from malicious apps. The system allocates a unique user identity (UID) to each app and builds an app sandbox based on UIDs. The sandbox provides multiple kernel access control mechanisms, such as discretionary access control (DAC) and mandatory access control (MAC), to restrict apps from accessing files and resources outside the sandbox. By default, all apps are sandboxed. To access information outside the sandbox, an app needs to use services provided by the system or exposed interfaces of other apps and obtain the required permissions, without which the system will deny access to apps. Apps with the same signature can share a UID, and share code and data in the same sandbox.
Runtime memory protection: Malicious apps usually obtain memory addresses by viewing the memory if the allocated memory addresses are relatively fixed during app operation. EMUI provides ASLR and data execution prevention (DEP) to prevent attackers from exploiting memory vulnerabilities.
Regular app retest: Security scans and retests are performed on released apps every month to identify and remove apps with security issues. The security operation team periodically updates the sensitive word library, with a focus on hot events, and handles apps that control malicious behavior through developers’ cloud environment.
Universal supervision: Users can report apps with security issues through HUAWEI AppGallery, contacting customer service or other channels. HUAWEI AppGallery staff will handle such apps promptly after verification.
For more information, please visit https://consumer.huawei.com/en/privacy/.. You may also read the latest HMS Security Technical White Paper here.