Glossary

A plain-language guide to the terms used throughout the docs.

Files & Distribution

APK — The file used to install an Android app on a phone. Because it's a single archive that can be unpacked and inspected, it needs protection.

AAB — The bundle you upload to Google Play. Play generates and distributes device-specific APKs from it.

Store — A marketplace like Google Play where you publish apps to distribute them to users.

zipalign — A step that aligns the app file so the device can read it quickly. Appsolid handles this automatically.

Signing

Signing — A digital seal that proves "I built this app." Without a signature, an app cannot be installed or distributed. → Getting started

Keystore — The secret file that holds that seal (the signing key). It must never be handed off to anyone else. That's why the app owner signs the app themselves after protection. → Getting started

Attack Techniques

Reverse engineering — Disassembling an app to discover how it works and where its weaknesses are.

Obfuscation — A protection technique that scrambles and encrypts code to make it hard to read. → How it works

RASP — A protection technique by which an app detects and responds to threats on its own while running (Runtime Application Self-Protection). → Protection options

Hooking — A technique that intercepts an app's behavior at runtime and swaps it out. Appsolid detects it. → Protection options

Frida — A widely used hooking and analysis tool. It's often used to bypass payment and authentication, so Appsolid detects it. → Protection options

Debugger — A tool that pauses an app and steps through it line by line to inspect it. Used for analysis. Appsolid detects it. → Protection options

Tampering — Secretly modifying an app file and then redistributing it. → Threat model

Device Environment

Rooting — A state in which a phone's safeguards have been removed to gain full privileges. Often used for hacking and cloning. Appsolid detects it. → Protection options

Emulator — A virtual phone simulated on a PC rather than a real device. Used for large-scale analysis. Appsolid detects it. → Protection options

ADB — A channel that connects a PC to an Android device (via USB and other means) to control and debug it. → Protection options

Usage Metrics

Active devices — The distinct devices that have run the app.

DAU / WAU / MAU — The number of active users over a day / a week / a month (Daily / Weekly / Monthly Active Users).

Package name — The unique name that identifies an app (e.g., com.company.app). Monitoring is grouped by this unit. → Threat monitoring

Anonymous identifier — A random number that distinguishes a device without identifying any individual. It is not personal information.

Advanced

Key entanglement — A technique that folds the results of debugger and hooking detection into the derivation of the decryption key. In a hooked environment the key comes out wrong, so decryption fails and the original code is never loaded into memory. Unlike "detect, then block," there is no branch to disable.

Packing — Protection that keeps the original code (DEX) encrypted and decrypts it for loading only at runtime. Appsolid uses AES-256-GCM together with in-memory loading. → How it works

AES-256-GCM — A standard symmetric-key cipher. It provides confidentiality and integrity (tamper detection) at the same time.

InMemoryDexClassLoader — An Android 8.0+ API that loads DEX from memory without touching disk, so no plaintext DEX is left on disk. → Compatibility

O-MVLL / O-LLVM — Native obfuscation at the compiler (LLVM) stage. Applies control-flow flattening (CFF), opaque predicates, mixed Boolean-arithmetic (MBA) expressions, and more. → How it works

Control-flow flattening (CFF) — Flattens a function's execution flow into a giant branch table to make the flow hard to follow.

RASP 3-tier — Classifies threats into three tiers: environment (rooting, emulator, ADB), instrumentation (Frida, hooking, debugger), and integrity (tampering). → Protection options

frida-dexdump — An automated tool that dumps DEX once it has been unpacked in memory. Key entanglement and the native loader obstruct it.

ART verifier — The bytecode verifier in the Android Runtime (ART). Even if code passes development-time d8 verification, the app won't run if the ART verifier rejects it. Appsolid closes this gap with a release gate. → Compatibility

HMAC — A secret-key-based message authentication code. Used to prevent forgery and tampering of telemetry (per-app keys). → Threat monitoring

See Also