The application was not found to be using jailbreak detection as a protection measure for the app. This is a common protection for production applications, to ensure that a user with a jailbroken device cannot obtain unintended access to components of the application which make exploitation easier.
Steps to Reproduce
At runtime, the NowSecure Platform observes the application for common jailbreak detection methods. It then bypasses those methods so that we can perform the deep testing that is required to generate our results. This warning occurs if the Platform did not observe any of those methods.
Business Impact
This app is not using a common protection that prevents users from getting access to more sensitive parts of the application.
Remediation Resources
There are a number of jailbreak detection methods provided by simple code checks as well as commercial products. Evaluate with your team if you app requires this protection based on the risk profile for the app, then chose the method that works best for you.
Evaluation Criteria
Keep in mind that your app may have an exotic type of jailbreak detection that may not have been detected by the Platform which meets your requirements. Additionally, NowSecure may ask for a build without these exotic detections in order to facilitate better testing results, or it may be excluded from development builds.
Finding Description
The application was not found to be using jailbreak detection as a protection measure for the app. This is a common protection for production applications, to ensure that a user with a jailbroken device cannot obtain unintended access to components of the application which make exploitation easier.
Steps to Reproduce
At runtime, the NowSecure Platform observes the application for common jailbreak detection methods. It then bypasses those methods so that we can perform the deep testing that is required to generate our results. This warning occurs if the Platform did not observe any of those methods.
Business Impact
This app is not using a common protection that prevents users from getting access to more sensitive parts of the application.
Remediation Resources
There are a number of jailbreak detection methods provided by simple code checks as well as commercial products. Evaluate with your team if you app requires this protection based on the risk profile for the app, then chose the method that works best for you.
Evaluation Criteria
Keep in mind that your app may have an exotic type of jailbreak detection that may not have been detected by the Platform which meets your requirements. Additionally, NowSecure may ask for a build without these exotic detections in order to facilitate better testing results, or it may be excluded from development builds.
Risk and Regulatory Information
Severity: info
Application
See more detail in the NowSecure Report