Why choose us?
Products
Mobile app protection
Promon SHIELD® for Mobile Secure iOS & Android apps from tampering, repackaging, & more.
Promon IP Protection Pro™ Protect app code & data from reverse engineering & copying.
Promon App Attestation™ Verify the integrity of apps accessing APIs in real-time.
Promon Asset Protection™ Store app secrets on compromised end-user devices securely.
Desktop app protection
Promon SHIELD® for Desktop Protect Windows & macOS apps from static & dynamic attacks.
SDK protection
Promon SDK Protection™ Defend SDKs from tampering, & unauthorized use.
Mobile app analytics
Promon Insight™ Understand security risks & make data-driven decisions.
Featured content
Have a financial app? Here's what you need to know about the EU's DORA.
Download the ebook
Solutions
For your industry
Banking Comply, prevent fraud, & protect sensitive data.
Payments Achieve compliance, prevent tampering, & secure data.
Gaming Prevent cheating, protect transactions, & revenue.
Streaming & media Secure content, intellectual property, & user data.
Retail & e-commerce Stop malware, MitM attacks, & account takeovers.
Public sector Prevent repackaging, breaches, & tampering.
Healthcare Ensure regulatory compliance & secure PHI.
Automotive Secure sensitive app data & assets.
Customer stories
We protect the world's leading brands, & we can protect yours too.
Read more
About Promon
Company
About us Learn about us & our 19-year history.
Contact us Need help? Get in touch with our team.
Careers #LifeAtPromon & the latest jobs.
Partners Become a partner & deliver app security.
We're hiring!
We're changing the world, one app at a time. Will you help us?
View open roles
Resources
App sec library
All resources Explore The Mobile App Security Library.
Customer stories Find out how the world's leading brands stay secure.
Webinars & events Meet peers (& Promon) online & around the world.
Ebooks & whitepapers Dive into the finer points of app shielding.
Blog Keep up with app sec news & developments.
Glossary Understand critical app sec terminology.
Knowledge Center
App shielding 101 What you need to know about mobile app shielding.
Obfuscation techniques & tools Discover code obfuscation best practices & protect your IP.
The OWASP MASVS explained Get started with resilience & get compliant.
The future of AI in cybersecurity Navigate artificial intelligence (AI) in cybersecurity.
Calculating your app security ROI Make a compelling business case for app protection.
Featured webinar
Obfuscation: Techniques, applications, & the impact of AI.
Watch it on demand
Book a meeting
Mobile API security

Block breaches, bots, & bad actors.

Promon App Attestation™ provides advanced mobile API security, ensuring only secure, verified apps access your APIs. Protect against unauthorized access, data breaches, and tampering with a solution that seamlessly integrates into your app's security framework.
Book a meeting Why choose us?
App Attestation Web header

  • App-Attestation_1-Icon

    Strengthen API security and app integrity

    Prevent data theft, tampering and unauthorized access whether attacks are automated or targeted.

  • Ambition-icon

    Eliminate false positives

    Other API protection solutions rely on behavioral and volumetric analyses that creates false positives, but Promon App Attestation is fully deterministic and stops true attacks.

  • Rocket-icon

    Seamless, self-contained integration at scale

    Eliminate reliance on external services and fully control your attestation with no tokens or rate limits so you can securely scale.

  • App-Shielding_1-icon

    Protect sensitive user data with runtime checks

    Validate app integrity at runtime, detect root or jailbreak states, identify hooking frameworks, and guard against malicious modifications before sensitive data is ever exposed.

In a nutshell

What is Promon App Attestation™?

Promon App Attestation™ verifies the integrity and authenticity of the mobile apps accessing your APIs in real-time to ensure that both bots and sophisticated attackers cannot access or abuse those APIs.

App Attestation uses a challenge-response mechanism to ensure that a genuine application on a secure device makes the API call. Each challenge-response is unique, making it difficult for hackers to exploit and reducing the risk of replay attacks. Promon App Attestation ensures that you don't have to worry even if the APIs and their keys are leaked.
  • Stop rogue mobile apps or servers impersonating legitimate sources.
  • Secure API connectivity without impacting regulatory constraints.
  • Reduce the risk of systemic attacks and fraud.
Book a meeting
Discover a better way to secure your mobile APIs.
Get in touch

What sets Promon App Attestation™ apart?

Unlimited, dynamic, transaction-based attestation

Promon App Attestation™ delivers continuous real-time verification, ensuring that every call to your backend APIs comes from an uncompromised and authentic app, with no rate limits to leave you uncovered.
  • Checkmark-icon

    Anti-bot / Anti-attacker

    Safeguards against both high-volume and stealthy attacks by ensuring every API call is authenticated, eliminating the inaccuracies associated with heuristic and volumetric detection methods.
  • Checkmark-icon

    Enhanced security

    Provides ongoing assurance of app integrity throughout all API transactions, minimizing the window of opportunity for attackers.
  • Checkmark-icon

    Proactive protection

    Detects and mitigates tampering attempts in real-time, rather than only at app launch.
  • Checkmark-icon

    Superior reliability

    Offers a higher security assurance level than intermittent verification approaches.
App-Attestation-differentiator-1

Comprehensive runtime security

Combining Promon App Attestation™ with Promon SHIELD® delivers unparalleled runtime security by performing exhaustive assessments that detect and mitigate sophisticated threats in real time. This robust approach safeguards your apps from tampering and APIs from unauthorized access.
  • Checkmark-icon

    Root / jailbreak detection

    Identify and prevent the use of rooted or jailbroken devices, which are more susceptible to unauthorized access and security breaches.

  • Checkmark-icon

    Hooking framework mitigation

    Detect and block the presence of runtime hooks or hooking frameworks that attackers might use to manipulate app behavior or intercept sensitive data.

  • Checkmark-icon

    Repackaging checks

    Ensure that your app has not been tampered with or repackaged, maintaining the integrity of your application code and functionality.
Learn more
App Attestation runtime protection resized

Fully self-contained and platform-agnostic

Promon App Attestation™ operates entirely in-band, supporting both iOS and Android platforms without relying on external services. This ensures consistent security across all deployed mobile applications while giving your organization complete control over the attestation process. By eliminating dependencies on third-party attestation services, Promon App Attestation enhances reliability and reduces potential points of failure, providing a unified and secure framework for your mobile apps and APIs.
  • Checkmark-icon

    Independence from external services:

    Eliminates dependencies on third-party attestation services, reducing potential points of failure and enhancing security and reliability of your apps.

  • Checkmark-icon

    Consistent cross-platform security:

    Provide a unified attestation mechanism to simplify security management and ensure uniform protection for all mobile applications.

  • Checkmark-icon

    Easy deployment

    Promon App Attestation facilitates a controlled and secure deployment process by allowing your organization to manage and oversee all aspects of app attestation internally, ensuring strict adherence to your security protocols.

App Attestation self contained

Empower your team and elevate app and API security

Leadership teams

Promon App Attestation™ empowers senior leadership by enhancing brand reputation, ensuring compliance, and driving competitive advantage. This comprehensive security solution not only protects sensitive data but also aligns with strategic business objectives to foster growth and trust.
  • Ensure that only verified and uncompromised apps interact with your backend APIs, building greater trust among customers and partners.
  • Stay ahead of regulatory requirements and industry standards, reducing the risk of non-compliance penalties and potential security breaches.
  • Differentiate your business in the market by offering superior mobile app security, attracting customers who prioritize data protection and privacy.
Leadership-teams

Security teams

Promon App Attestation™ provides security teams with advanced tools to maintain robust protection and streamline security operations. By offering continuous verification and minimizing false positives, it enhances the overall security posture and allows teams to focus on genuine threats.
  • Implement dynamic, transaction-based validation that ensures ongoing assurance of app integrity and authenticity with every API interaction.
  • Benefit from reliable app verification, reducing false positives and enabling your security team to concentrate on genuine threats.
  • Conduct thorough runtime security checks, including root/jailbreak detection and runtime hook identification, to proactively prevent sophisticated attacks.
Security-teams

App and backend development teams

Promon App Attestation™ provides robust security by enabling both app and backend development teams to implement comprehensive attestation measures. Your organization maintains full control over the attestation process without relying on third-party services. This ensures enhanced security and reliability, allowing development teams to focus on building innovative features and delivering exceptional user experiences.
  • Maintain full organizational control over the attestation process, ensuring that all security measures align with your specific requirements and policies.
  • Provide consistent security across major mobile platforms by supporting both iOS and Android, ensuring that all deployed applications adhere to the same high standards of integrity and authenticity.
  • Utilize a stateless backend design that simplifies long-term maintenance and scales effortlessly with your application’s growth, reducing complexity and ensuring sustainable security management for backend teams.
Dev-teams

Extend Promon App Attestation™ with ease

A suite of tools was developed to shield your apps, organization, and users.

  • SHIELD-Mobile_no background

    App shielding for iOS and Android

    Secure any mobile app, at scale, in real time.

    Promon SHIELD® for Mobile
  • IP-Protection

    Obfuscate your app code

    Protect your IP by concealing the logic and purpose of the app’s code.

    Promon IP Protection Pro™
  • Insight

    Actionable analytics for mobile apps

    Reduce business and security risks with actionable, evidence-backed threat intelligence.

    Promon Insight™
  • Asset-Protection

    Protect sensitive information

    Store app secrets securely on end-user devices even when they are rooted or jailbroken.

    Promon Asset Protection™

Take the next step to protect your apps and APIs

Download the datasheet to learn how Promon App Attestation™ can prevent unauthorized access, tampering, and data theft.
Get the Promon App Attestation™ brochure

Discover Promon for your industry

Explore how Promon App Attestation™ secures your API access across finance, gaming, streaming, e-commerce, and more.

Banking and open banking

Verify the integrity and authenticity of your banking or fintech applications to guarantee that only trusted versions of the apps can interact with your servers. Promon App Attestation™ ensures the security and integrity of the communication between the app and the servers of different financial organizations, preventing unauthorized access and data theft.

 
Learn more

Gaming

Protect against fraud and swiftly detect and block unauthorized app connections in real-time, ensuring fair gameplay for your games. Promon App Attestation™ delivers filtered, controlled access to your APIs and allows you to react if non-genuine apps are trying to connect to your servers.

Learn more

Streaming

Keep streaming content secure and accessible only through legitimate channels, preventing unauthorized distribution and piracy. Promon App Attestation™ diminishes DRM breaches on the server side because, even if DRM keys are leaked, the API can only be accessed by protected, unmodified applications.

 
Learn more

Retail and e-commerce

Safeguard your businesses from fraudulent transactions, account takeover, and identity theft, and minimize the risk of disputes and chargebacks. By thoroughly verifying the integrity and authenticity of your apps in real-time, the module establishes a secure and trusted connection between the apps and your eCommerce platform’s APIs.

 
Learn more

Healthcare

Promon App Attestation™ ensures that only verified and uncompromised mobile health applications can access backend systems, thereby safeguarding patient information from unauthorized access and breaches. Additionally, by continuously validating app integrity and authenticity in real time, App Attestation helps healthcare organizations comply with stringent regulations like HIPAA, reducing the risk of non-compliance penalties and enhancing overall data security.  

Learn more
FAQ

Your questions answered

How does Promon App Attestation™ differ from other app attestation solutions?

Promon App Attestation™ distinguishes itself from competitors through several key differentiators: 

1. It offers unlimited transaction-based validations, ensuring continuous and comprehensive protection without the usage limits or quotas that other solutions may impose.

2. App Attestation conducts in-depth runtime security assessments, including root/jailbreak detection, runtime hook identification, repackaging checks, and hooking framework detection, which surpasses the more limited checks provided by other platforms.

3. By operating entirely in-band without relying on external services, providing a fully self-contained and platform-agnostic solution that enhances reliability and simplifies deployment across both iOS and Android platforms. Eliminating these dependencies on third-party attestation services allows your organization to maintain full control over the attestation process, ensuring that all security measures align with your specific requirements and policies, thereby enhancing overall security and reliability.

How easy is it to integrate Promon App Attestation™ into our existing mobile app development pipeline?

Because Promon App Attestation™ is tightly integrated with Promon SHIELD®, it deploys quickly and easily into both your mobile apps and your development pipeline. This streamlined integration is fully post-compile and on-prem, allowing your mobile applications to be secured efficiently and effortlessly.

By eliminating the need for modifications to your existing mobile app codebase, App Attestation enables rapid deployment and distribution of secured mobile apps within minutes.

Additionally, the integration fits naturally into your existing development and deployment workflows, ensuring that your development teams can focus on building innovative features and enhancing user experiences without being burdened by complex security implementations.

How easy is it to integrate Promon App Attestation™ into our existing backend systems?

Promon App Attestation™ offers a streamlined process that minimizes complexity while providing robust security benefits. The integration aligns with existing backend workflows, reducing the complexity typically associated with backend security implementations. By utilizing a stateless backend architecture, App Attestation simplifies long-term maintenance and scales effortlessly with your application’s growth, ensuring sustainable security management for backend teams.

Additionally, by managing the attestation process internally, your organization maintains full control over security protocols without relying on external services, enhancing reliability and ensuring that security measures are tailored to your specific requirements and policies.

Comprehensive documentation and dedicated support are provided to assist backend development teams throughout the integration process, ensuring a smooth and efficient setup.

How does the unlimited checks feature of Promon App Attestation™ benefit our organization compared to competitors?

The unlimited checks feature of Promon App Attestation™ offers significant advantages over competitors that may impose limits or quotas on verification attempts.

With unlimited transaction-based validations, your organization can handle high volumes of user interactions and API calls without worrying about hitting usage caps, ensuring consistent and reliable security regardless of application scale or user base growth. This feature eliminates the need to monitor and manage verification quotas, reducing administrative overhead and allowing your security and development teams to focus on other critical tasks without interruptions or constraints.

Additionally, unlimited checks provide continuous and thorough validation of app integrity and authenticity, offering robust defense against sophisticated attacks without gaps in protection. This reduces the risk of undetected compromises and enhances your overall security posture.

Moreover, it ensures cost predictability by avoiding unexpected costs associated with exceeding usage limits, as App Attestation provides a consistent and scalable security solution without additional charges for higher usage volumes.

Ready to get started?

Connect to an expert to talk about your API security needs and how we can help.
Book a meeting