App Integrity
App integrity controls help verify that a protected app is genuine, running in an expected environment, and still aligned with the release policy you configured. They are strongest when layered with runtime detection, certificate pinning, and obfuscation.
Use this guide to choose an integrity posture before configuring individual controls.
Integrity policy affects real users when devices, app versions, or distribution paths do not match your release expectations. Start with visibility, then enforce after support and remediation paths are clear.
Integrity Control Matrix
| Control | Platforms | Minimum plan | Execution | Use when |
|---|---|---|---|---|
| App Tamper Detection | Android, iOS | Team | Runtime | You need to detect modified binaries or altered app resources. |
| Google Play Integrity | Android | Enterprise | Runtime and server-side validation | Your Android app is distributed through Google Play and should prove app and device integrity. |
| Apple App Attest | iOS | Enterprise | Runtime and server-side validation | Your iOS app needs cryptographic proof that requests come from a genuine app instance on a supported Apple device. |
| Enforce App Update | Android, iOS | Team | Runtime | Users must move to a newer app version before continuing. |
| Enforce Latest Configuration | Android, iOS | Enterprise | Runtime | Deployed apps must refuse stale required configuration. |
Recommended Integrity Profiles
| Profile | Recommended controls | Notes |
|---|---|---|
| Baseline release protection | App Tamper Detection, Enforce App Update, Enforce Latest Configuration | Good default for production apps that need release control and tamper visibility. |
| High-risk Android app | Baseline plus Google Play Integrity, Root Detection, Debuggable Detection, Hook Detection, and Certificate Pinning | Best for apps distributed through Google Play where Play Services coverage matches your market. |
| High-risk iOS app | Baseline plus Apple App Attest, Jailbreak Detection, Debugger Detection, Hooking Detection, Memory Tamper Detection, and Certificate Pinning | Test on physical devices because platform attestation is not available in simulators. |
| Enterprise-controlled deployment | Baseline plus device posture controls such as Device Lock, Developer Options, VPN, USB Connection, and Unknown Sources Detection | Match enforcement to your device management policy and user support process. |
How Integrity Checks Are Used
Integrity checks answer different questions:
| Question | Controls that help answer it |
|---|---|
| Is this the app build we expect? | App Tamper Detection, Play Integrity, App Attest. |
| Is the device or runtime trustworthy enough? | Play Integrity, App Attest, Root Detection, Jailbreak Detection, Debuggable Detection, Debugger Detection, Hook Detection. |
| Is this app still allowed to run? | Enforce App Update, Enforce Latest Configuration. |
| Can the backend trust the app instance and the TLS path? | Play Integrity, App Attest, Certificate Pinning. |
AppTego validates supported attestation results with server-side checks and then applies your configured response. The public contract is the security posture and rollout behavior; AppTego handles the platform-specific protocol details for you.
Rollout Guidance
- Configure integrity controls separately for Development, Staging, and Production.
- Start with Log or a non-blocking Message response while you collect real device results.
- Test on physical Android and iOS devices, including older OS versions and managed-device profiles.
- Confirm your distribution channel before enforcing store-specific checks. Play Integrity is designed for Google Play distribution, and App Attest requires supported Apple devices.
- Prepare support messaging for unsupported devices, rooted or jailbroken devices, sideloaded builds, and app versions outside your release policy.
- Move to Terminate only after false-positive behavior and customer support paths are understood.
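The following is an added worked example of the layered-policy and staged-rollout ideas from the sections above (the four integrity questions and the Log, Message, Terminate progression); it is illustrative code written for this page, not AppTego's SDK or API. It assumes a hypothetical shape in which each control yields a verdict of pass, fail or unavailable, the app reports its version and the configuration version it holds, and a per-environment policy maps each finding to a response. The point it demonstrates is that every control is evaluated (no single check decides), that "unavailable" (simulator, sideloaded build, no Play Services) is treated as a support case rather than a failure, and that the same report produces a softer response in Staging than in Production.

```python
# Added example: a layered integrity policy evaluator (illustrative only, not
# AppTego's own API). Assumptions: each control reports a verdict of "pass",
# "fail" or "unavailable"; the policy maps findings to Log / Message / Terminate
# per environment; the app reports its version and the config version it holds.
from __future__ import annotations

from dataclasses import dataclass, field
from enum import Enum


class Verdict(str, Enum):
    PASS = "pass"
    FAIL = "fail"
    UNAVAILABLE = "unavailable"  # e.g. simulator, no Play Services, sideloaded build


class Response(str, Enum):
    ALLOW = "allow"
    LOG = "log"
    MESSAGE = "message"
    TERMINATE = "terminate"


# Ordering used to pick the strictest response across all findings.
SEVERITY = {Response.ALLOW: 0, Response.LOG: 1, Response.MESSAGE: 2, Response.TERMINATE: 3}


@dataclass
class Report:
    """What one app instance reports (constructed shape, not a real SDK payload)."""
    app_version: str
    config_version: int
    verdicts: dict[str, Verdict] = field(default_factory=dict)


@dataclass
class Policy:
    """One environment's integrity posture (hypothetical fields)."""
    min_app_version: str
    required_config_version: int
    on_fail: dict[str, Response]   # per-control response to a FAIL verdict
    on_unavailable: Response       # a check could not run on this device
    on_stale_version: Response     # Enforce App Update
    on_stale_config: Response      # Enforce Latest Configuration
    default_on_fail: Response = Response.LOG


@dataclass
class Finding:
    control: str
    detail: str
    response: Response


def parse_version(text: str) -> tuple[int, ...]:
    """'2.3' and '2.3.0' compare equal; non-numeric parts raise rather than guess."""
    return tuple(int(part) for part in text.strip().split("."))


def version_below(current: str, minimum: str) -> bool:
    cur, low = parse_version(current), parse_version(minimum)
    width = max(len(cur), len(low))
    return cur + (0,) * (width - len(cur)) < low + (0,) * (width - len(low))


def evaluate(report: Report, policy: Policy) -> tuple[Response, list[Finding]]:
    """Evaluate every control (no short-circuit) and return the strictest response."""
    findings: list[Finding] = []
    if version_below(report.app_version, policy.min_app_version):
        findings.append(Finding("Enforce App Update",
                                f"{report.app_version} is below {policy.min_app_version}",
                                policy.on_stale_version))
    if report.config_version < policy.required_config_version:
        findings.append(Finding("Enforce Latest Configuration",
                                f"config {report.config_version} < required "
                                f"{policy.required_config_version}",
                                policy.on_stale_config))
    for control, verdict in report.verdicts.items():
        if verdict is Verdict.PASS:
            continue
        if verdict is Verdict.FAIL:
            response = policy.on_fail.get(control, policy.default_on_fail)
            findings.append(Finding(control, "failed", response))
        else:
            # Unavailable is not the same as failed: legitimate users on unsupported
            # devices or sideloaded builds land here and need a support path.
            findings.append(Finding(control, "unavailable on this device",
                                    policy.on_unavailable))
    overall = max((f.response for f in findings), key=SEVERITY.get, default=Response.ALLOW)
    return overall, findings


# Constructed policies for two environments: Staging observes, Production enforces.
STAGING = Policy(
    min_app_version="2.3.0", required_config_version=7,
    on_fail={"App Tamper Detection": Response.MESSAGE, "Root Detection": Response.MESSAGE},
    on_unavailable=Response.LOG,
    on_stale_version=Response.MESSAGE,
    on_stale_config=Response.LOG,
)
PRODUCTION = Policy(
    min_app_version="2.3.0", required_config_version=7,
    on_fail={"App Tamper Detection": Response.TERMINATE,
             "Play Integrity": Response.TERMINATE,
             "Root Detection": Response.MESSAGE},
    on_unavailable=Response.MESSAGE,
    on_stale_version=Response.TERMINATE,
    on_stale_config=Response.TERMINATE,
)

# Constructed sample: a sideloaded Android build on a rooted device holding an old config.
SIDELOADED_ROOTED = Report(
    app_version="2.3.1", config_version=6,
    verdicts={"App Tamper Detection": Verdict.PASS,
              "Play Integrity": Verdict.UNAVAILABLE,
              "Root Detection": Verdict.FAIL},
)

if __name__ == "__main__":
    for name, policy in (("staging", STAGING), ("production", PRODUCTION)):
        overall, findings = evaluate(SIDELOADED_ROOTED, policy)
        print(name, overall.value, [(f.control, f.response.value) for f in findings])
```

Running the sample report through both policies shows the rollout progression the guidance above describes: in Staging the rooted device and the missing Play Integrity result only produce a message and log entries, while in Production the stale required configuration terminates the session and the unavailable attestation surfaces as a message pointing the user to support. Because the evaluator collects every finding before choosing the strictest response, the log record still shows which other signals fired, which is what you need when tuning false positives before tightening a policy.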
Platform Considerations
| Platform | Consideration |
|---|---|
| Android | Play Integrity depends on Google Play Services and Play Console configuration. Apps distributed outside Google Play should validate whether Play Integrity is appropriate for their release model. |
| iOS | App Attest requires supported physical devices. Simulators and some test configurations cannot produce production attestation results. |
| Both | Integrity controls complement runtime detections. A device can pass one signal and still fail another, so high-risk apps should use layered policy instead of relying on one check. |
User And App Impact
Integrity controls can be silent or visible depending on your configured response. A strict production policy may prevent app use on modified devices, unsupported devices, unofficial distributions, or stale app versions. Use clear messages that tell legitimate users how to resolve the issue, such as installing from the official store, updating the app, disabling unsupported tooling, or contacting support.
Release Checklist
| Check | What to confirm |
|---|---|
| Distribution channel | The integrity policy matches Google Play, App Store, MDM, or internal distribution expectations. |
| Physical devices | Attestation and integrity behavior is validated outside simulators and emulators. |
| User messaging | Legitimate users have a clear support or update path when blocked. |
| Backend alignment | Server-side validation and app release timing are coordinated where required. |
| Monitoring | Dashboard and device logs are reviewed after rollout. |