Time Tampering Detection
| Plan | Platforms | MASVS |
|---|---|---|
| Team | Android, iOS | MASVS-RESILIENCE-1 |
Overview
Time Tampering Detection identifies signs that a device clock or timezone has been manipulated in a way that could affect app security decisions. Time manipulation can undermine licensing, session expiry, fraud checks, replay protections, time-limited access, and audit trails.
When time tampering risk is detected, AppTego applies your configured response.
When To Use It
Use this control when your app depends on trustworthy device time for:
- Session expiry, replay protection, or token freshness checks.
- Trial periods, subscriptions, entitlements, or paid content.
- Fraud monitoring, geolocation policy, or transaction risk decisions.
- Audit trails, approvals, compliance records, or regulated workflows.
How It Works
The protected app evaluates platform time, timezone, network, and monotonic-clock signals for suspicious inconsistencies. AppTego does not publish exact endpoints, timing, tolerances, thresholds, scoring weights, or execution order in public documentation.
The control is designed to distinguish everyday timezone changes from higher-risk clock manipulation where possible.
How to Enable the Control
Navigate to Detection & Response from the AppTego portal, and expand the Network And Location Detection section. Under this section you will find the Time Tampering Detection control. Click Enable Configuration, choose the response action, and save the configuration. It takes effect in the next build, or is applied with a live push (if enabled).
API Configuration Example
```json
{
  "TimeTamperingDetectionResponse": {
    "detection": true,
    "action": "close",
    "title": "Time Tampering Detected",
    "message": "Your device clock appears to be incorrect. Please enable automatic date and time.",
    "buttons": ["Settings", "Close"],
    "actions": ["open_url", "close"],
    "redirects": ["app-settings:", ""]
  }
}
```
| Field | Purpose |
|---|---|
| detection | Enables or disables time tampering detection. |
| action | Selects the response style, such as close, alert, log, or warn. |
| title / message | User-facing text shown when a response is displayed. |
| buttons / actions / redirects | Defines the available response buttons and their outcomes. |
Compatibility Notes
- Travelers, dual-SIM users, and managed devices may have legitimate time or timezone differences. Start with telemetry if your user base includes these patterns.
- Offline devices may have fewer reliable time signals.
- For high-risk decisions, combine client-side detection with server-side timestamp validation.
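
The server-side timestamp validation recommended in the last note can look like the following. This is an added example, not AppTego code or part of its API. The class name, the 120-second tolerance, the shared key, and the request fields are all assumptions made for illustration. The server authenticates the request, compares the device's claimed time with its own clock, and rejects reused nonces.

```python
import hashlib
import hmac
import time

MAX_SKEW_SECONDS = 120                # assumed tolerance; tune to your risk appetite
SHARED_KEY = b"constructed-demo-key"  # constructed sample key, not a real secret


class FreshnessValidator:
    def __init__(self, key, max_skew=MAX_SKEW_SECONDS, now=time.time):
        self.key = key
        self.max_skew = max_skew
        self.now = now              # injectable server clock, for testing
        self.seen = {}              # nonce -> expiry time on the server clock

    def sign(self, client_ts, nonce, body):
        msg = f"{client_ts}.{nonce}.".encode() + body
        return hmac.new(self.key, msg, hashlib.sha256).hexdigest()

    def validate(self, client_ts, nonce, body, signature):
        server_now = self.now()
        # 1. Authenticate first, so timestamp and nonce cannot be altered in transit.
        if not hmac.compare_digest(self.sign(client_ts, nonce, body), signature):
            return "bad_signature"
        # 2. The device's claimed time must agree with the server's clock.
        if abs(server_now - client_ts) > self.max_skew:
            return "clock_skew"
        # 3. Drop expired nonces, then reject any nonce seen inside the window.
        self.seen = {n: exp for n, exp in self.seen.items() if exp > server_now}
        if nonce in self.seen:
            return "replay"
        self.seen[nonce] = server_now + 2 * self.max_skew
        return "ok"


def demo():
    clock = [1_700_000_000.0]       # constructed server time
    v = FreshnessValidator(SHARED_KEY, now=lambda: clock[0])
    body = b'{"action":"renew_trial"}'
    results = []
    for ts, nonce in [(clock[0] - 5, "n1"),         # honest device
                      (clock[0] - 5, "n1"),         # same request replayed
                      (clock[0] - 86_400, "n2")]:   # device clock set back a day
        results.append(v.validate(ts, nonce, body, v.sign(ts, nonce, body)))
    return results


if __name__ == "__main__":
    print(demo())
```

Nonces are kept for twice the skew window because a request stamped at the future edge of the tolerance remains acceptable until that much server time has passed.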