Protect sensitive data. Secure your app from the inside out. Promon Data Protect™ safeguards the secrets your app depends on—API keys, tokens, certificates, configuration files, and user data—keeping them encrypted, isolated, and inaccessible to attackers, even on rooted or jailbroken devices.
Promon Data Protect™ encrypts and isolates sensitive assets inside your app package and on the device. It prevents attackers from extracting, modifying, or cloning secrets, regardless of device state, by combining two protection layers:SAROM for static assets and SLS for dynamic data.
Keep API keys, tokens, and certificates secure on-device
Encrypt both static and dynamic app data with dual-layer protection
Protect sensitive assets without relying on OS keychains or hardware enclaves
Book a meeting
Discover what's possible with Promon Data Protect™.
Why Promon Data Protect™: End-to-end security for sensitive app data
Keep sensitive data encrypted and device-bound
Even if a device is rooted or jailbroken, Promon Data Protect™ keeps your app’s local data encrypted, isolated, and tied to that device. Secrets are decrypted only in memory and only when needed, with keys destroyed immediately after use, keeping exposure to a minimum.
Prevent extraction of API keys, tokens, and certificates
Block attackers from reusing secrets on other devices
Reduce fraud and data leakage risks
Protect app secrets and credentials
Promon Data Protect™ secures critical app assets throughout the entire lifecycle. Static assets are encrypted during shielding, while dynamic data remains isolated at runtime. No secret ever appears in plaintext on disk.
Ensure secrets never exist unencrypted on disk
Prevent key theft through static or dynamic analysis
Harden the app against repackaging or code modification
Hardware-independent protection
Unlike OS keychains or secure enclaves, Promon Data Protect™ works consistently across all devices, operating systems, and frameworks, ensuring broad coverage without specialized hardware.
Avoid platform fragmentation and inconsistent protection
Reduce reliance on device-specific hardware modules
Maintain predictable security across global user bases
Secure your AI-driven features
AI-enabled apps rely on local files, prompts, datasets, and configuration assets that attackers can extract, leak, or manipulate. Promon Data Protect™ keeps these AI-related resources encrypted, device-bound, and tamper-proof, even on rooted or jailbroken devices.
Prevent extraction or cloning of embedded AI models and prompts
Block poisoning or tampering with internal AI files and caches
Reduce privacy and regulatory risk tied to AI data exposure
Key capabilities
What makes Promon Data Protect™ different
Dual-layer protection with SLS and SAROM
Combines Secure Local Storage (SLS) for runtime data with Secure Application ROM (SAROM) for static assets, ensuring full coverage for every data type.
Dynamic, on-demand decryption
Decrypts assets only when needed, keeping secrets protected in memory and never exposed on disk.
Device-bound encryption
Ties data cryptographically to the device, making secrets impossible to clone or reuse elsewhere.
Independent of OS security features
Does not rely on OS keychains, Secure Enclave, Keystore, or hardware-backed modules, ensuring consistent, reliable protection.
EMVCo-certified white-box cryptography
Meets EMVCo standards for key protection with proven resilience against key extraction.
SAROM protects information built into your app, like API keys or certificates, before the app is published. This keeps attackers from extracting valuable data, even if they get access to the app’s internal files. SAROM doesn’t depend on any device-specific features.
SLS
SLS protects data stored on the device, like session tokens. It generates unique encryption keys using app- and device-specific inputs. If available, hardware features like Android Keystore or iOS Keychain add extra protection, but SLS remains secure even on rooted or jailbroken devices through strong software-based safeguards.
Sensitive data protection that fits your role
Business, compliance and risk leaders
Protect sensitive data, reduce the risk of fraud or credential exposure, and maintain strong compliance without introducing operational complexity. Promon Data Protect™ delivers predictable, hardware-independent security that strengthens your regulatory posture across all markets.
Reduce fraud, data leakage, and IP exposure
Strengthen compliance with standards like PCI, GDPR, DORA, MASVS
Improve governance and build trust with regulators and customers
Security and DevSecOps teams
Gain reliable, EMVCo-aligned protection for sensitive app data that works consistently across platforms and device states. Promon Data Protect™ integrates cleanly into your CI/CD flow, providing dual-layer encryption without relying on OS keychains or secure enclaves.
Enforce zero-trust for all app data, even on compromised devices
Reduce security overhead with automated, Shield-integrated data protection
Improve incident resilience through device-bound encryption and dynamic keying
Product owners and developers
Ship secure apps quickly without reengineering how data is stored or accessed. Promon Data Protect™ handles encryption and decryption behind the scenes, so teams can deliver features faster while keeping secrets safe across all frameworks and platforms.
Protect API keys, tokens, and user data without slowing releases
Maintain app performance and UX with lightweight, on-demand decryption
Reduce development friction with post-compile integration and clear APIs
Extend your protection with Promon
A suite of tools developed to shield your apps, your organization, and your users.
Promon Shield for Mobile™
Protect your app at runtime from tampering, hooking, and malware, ensuring Data Protect operates within a secure environment.
Keep cheaters, hackers, and pirates from wrecking your game. Our advanced protection ensures fair play, secure transactions, and a winning experience for your players.
API keys, certificates, configuration files, tokens, user/session data, and other sensitive assets.
Does Data Protect rely on the OS keychain or hardware modules?
No. It works independently of OS keychains and secure hardware, providing consistent protection across devices.
Do I need cryptography expertise to use Promon’s solutions?
No, Promon provides easy-to-use APIs and reference code to simplify integration.
Can it protect data on rooted or jailbroken devices?
Yes. Promon Data Protect keeps data encrypted, isolated, and tied to the device, even on compromised environments.
Is hardware-backed storage required?
No. Secure Local Storage (SLS) uses hardware-backed features like Android Keystore or iOS Keychain if available, but they’re not required. These features help protect a random value that contributes to device binding. The actual encryption keys are derived using multiple layers of entropy and are always protected by white-box cryptography.
Why not rely entirely on hardware-backed keys?
Relying solely on hardware-backed keys isn't enough, especially on rooted or jailbroken devices. Attackers can invoke cryptographic operations without needing to extract keys. Promon strengthens protection by using white-box cryptography, obfuscating keys and logic so they can't be extracted or misused, even on compromised devices.
Will Data Protect impact app performance?
No. Decryption happens only when needed and is optimized to minimize runtime overhead.
What’s the difference between SLS and SAROM?
SAROM protects static or global assets, like API keys and certificates, in the published app. SLS protects assets like session tokens on the device.
How does Promon ensure data remains secure?
Data is encrypted using AES-256 GCM. Cryptography keys are protected by our white-box cryptography solution. SLS also uses device-specific, on-device generated keys.
What technologies does Data Protect support?
It supports iOS, Android and Windows, with full coverage for C/C++, Rust, Java/Kotlin, Objective-C, Swift, Dart, React Native, and Flutter.
Expert insights
Explore more resources about Promon Asset Protection™
