Our community has moved to Discord. Join us there!
Cybr.com/Discord
These forums are still up for historical purposes.

Home Page Forums General Discussions Application Security Discussions Jailbroken devices and 3rd party secret keys in mobile devices

  • Jailbroken devices and 3rd party secret keys in mobile devices

    Posted by Christophe on July 16, 2020 at 9:38 pm

    A Cybr member reached out the other day via email with some questions that I felt would be interesting and helpful to others as well. So with his permission, I’m posting it here with anonymization and details stripped out.

    I’ve been working on a mobile application and have a few questions.

    1. Is it safe to allow users with jailbroken devices to access the app? Is it safe for the users?
    2. Is it safe for 3rd party secret keys that we store in the app? Like integration keys that use SDKs? How can we protect those keys from things like reverse engineering attacks
    3. Wouldn’t allowing jailbroken devices to use the app circumvent a lot of our security controls and expose things like those keys?

    Christophe replied 4 years, 2 months ago 1 Member · 1 Reply
  • 1 Reply

Log in to reply.