Verifying OS Integrity with Hardware-Backed Key Attestation

In an age where mobile apps hold extensive sensitive data, securing the environment in which these apps operate is critical. Mobile app security encompasses multiple layers of protection, and one crucial aspect of the security is ensuring that the device running the app can be trusted and has not been tampered with. Hardware-backed key attestation is a mechanism that can play a role in protecting mobile apps by validating the integrity of the device and its environment. This blog explores what key attestation is, how it works, and its specific use cases in mobile application protection, especially from a security standpoint.

What is hardware-backed key attestation?

Key attestation is an enabling feature of the Android ecosystem. It allows mobile applications to verify that the device's operating system, bootloader, and overall environment have not been tampered with. Key attestation checks whether the device’s OS has been modified and ensures that the device is running trusted software directly from the hardware layer. DexGuard recently introduced a feature called OS Integrity which builds upon this key attestation scheme.

A key attestation implementation can extend or complement existing heuristic root detections. Heuristic root detections only check for signs of rooting or custom modifications in the application sandbox, while hardware-backed key attestation involves data from the device’s Secure Element or Trusted Execution Environment. These techniques pull data from the device’s Secure Element or Trusted Execution Environment (TEE) to confirm the device’s integrity. The process involves verifying the device's bootloader, ensuring the authenticity of the device ROM. This enables additional, more strict verifications around the integrity of the device. This can be particularly helpful since many common rooting techniques on Android require unlocking the device bootloader.

How does it work?

The process begins by leveraging the device's KeyStore, which stores cryptographic keys, to retrieve a certificate chain. This attestation certificate will contain information about the integrity of the bootloader, ensuring that the device has not been compromised. The verification checks several factors, including:

1. Certificate chain verification: The integrity of the certificates in the chain is verified to ensure they have not been revoked or tampered with.
2. Root certificate verification: Checks that the root certificate is trusted, coming from Google or a trusted third party, ensuring that the device has not been tampered with.

The importance of key attestation for mobile app protection

While key attestation offers robust security for mobile applications, it does come with trade-offs that app developers need to consider carefully. Here's how it enhances mobile app security and the challenges it may pose:

Real-world use cases for hardware-backed key attestation

Key attestation provides critical security benefits across various industries and use cases. Below are examples where its application can be particularly impactful:

1. Point-of-Sale (POS) systems

   Point-of-sale systems are among the most significant beneficiaries of the strictness provided by hardware-backed key attestation. Ensuring that the environment handling payments and PIN entry is uncompromised is paramount for maintaining transactional security. Merchants using POS apps can reasonably be required to meet strict device system requirements to ensure compliance with security standards like PCI DSS and to protect against fraud or data breaches. By leveraging key attestation, developers can enforce a secure, tamper-resistant environment that inspires trust and enhances the reliability of POS systems.

2. Financial institutions & mobile payment apps

   For financial institutions and mobile payment applications, protecting sensitive financial data and preventing fraud is critical. In these cases, maintaining strict environment integrity ensures that devices running these apps are not tampered with and that security measures cannot be bypassed through device modifications. For example, a payment app requiring compliance with PCI DSS standards may utilize key attestation to guarantee the strictest levels of security for transactions.

3. Leveraging key attestation for security-related SDKs

   Security-focused SDKs, such as those used for identity verification, can greatly benefit from implementing key attestation as part of their protection strategy. By verifying the integrity of the device's environment, these SDKs can ensure that identity assurances are provided only when the device is uncompromised. For devices that fail key attestation, indicating potential tampering or a compromised environment, the SDK can return an inconclusive or risky verdict, signaling that the identity verification process may be vulnerable to manipulation. This approach helps maintain the integrity of sensitive operations, such as authentication or fraud prevention, by prioritizing secure environments and flagging high-risk scenarios for further review.

Strictness of key attestation: challenges & trade-offs

While key attestation offers substantial security benefits, it also comes with trade-offs. On the one hand, key attestation provides strong security by ensuring that devices with modified bootloaders or custom ROMs fail integrity checks, preventing attackers from bypassing app protections. However, this level of strictness can inadvertently alienate non-malicious users who rely on custom ROMs for device personalization or updates. Similarly, certain OEMs may not implement trusted certificates (e.g., passed Google certification), causing their devices to fail key attestation by default unless a customized solution is employed to accommodate these non-certified devices. Additionally, older devices often lack support for hardware-backed key attestation entirely, which can lead to failures if such checks are strictly enforced. For apps that need to maintain compatibility with legacy devices, these limitations must be carefully considered to strike a balance between security and usability.

A flexible approach to achieve both security & a strong UX for consumer apps

Given the challenges and trade-offs, that doesn't mean that key attestation can't be useful for you. One beneficial approach to consider is enabling this scheme but utilizing server-side threat data collection to gain insight into when this detection triggers. In these cases, you can allow users to continue using your application but have insight on which users and devices are running your app on potentially untrusted devices. You can tailor the app experience or simply use this insight to help with fraud analysis and decision making. Guardsquare makes this possible by combining DexGuard with ThreatCast, giving you full visibility of the integrity of your users' devices.

Guardsquare enables you to tailor security to your app’s need

A key attestation scheme, such as the one we implement with DexGuard’s OS integrity feature, provides a powerful tool for enhancing mobile app security by verifying the integrity of the device and its environment. It is a critical component for applications that handle sensitive data or need to comply with strict regulatory standards. However, its strictness can lead to impacts on your application UX, affecting non-malicious users who use custom ROMs or unlocked bootloaders for legitimate reasons. DexGuard offers you the flexibility to enable this feature in situations that best suit your security needs.

App developers must carefully assess whether the trade-offs involved in implementing key attestation are appropriate for their specific use case. For apps where security is paramount, such as financial services or payment solutions, key attestation can be a useful layer. For more conservative use cases, enabling it in combination with threat monitoring can give you visibility without sacrificing UX.

In the evolving landscape of mobile app security, key attestation offers a critical layer of protection that ensures devices remain trustworthy and secure, providing peace of mind to both developers and users alike.

Contact our experts today to discover how Guardsquare can help you create the most secure version of your mobile app.