Why choose us?
Products
Mobile app protection
Promon SHIELD® for Mobile Secure iOS & Android apps from tampering, repackaging, & more.
Promon IP Protection Pro™ Protect app code & data from reverse engineering & copying.
Promon App Attestation™ Verify the integrity of apps accessing APIs in real-time.
Promon Asset Protection™ Store app secrets on compromised end-user devices securely.
Desktop app protection
Promon SHIELD® for Desktop Protect Windows & macOS apps from static & dynamic attacks.
SDK protection
Promon SDK Protection™ Defend SDKs from tampering, & unauthorized use.
Mobile app analytics
Promon Insight™ Understand security risks & make data-driven decisions.
Featured webinar
How to hack (and secure) an Android app
Watch it on demand
Solutions
For your industry
Banking Comply, prevent fraud, & protect sensitive data.
Payments Achieve compliance, prevent tampering, & secure data.
Gaming Prevent cheating, protect transactions, & revenue.
Streaming & media Secure content, intellectual property, & user data.
Retail & e-commerce Stop malware, MitM attacks, & account takeovers.
Public sector Prevent repackaging, breaches, & tampering.
Healthcare Ensure regulatory compliance & secure PHI.
Automotive Secure sensitive app data & assets.
Customer stories
We protect the world's leading brands, & we can protect yours too.
Read more
About Promon
Company
About us Learn about us & our 19-year history.
Contact us Need help? Get in touch with our team.
Careers #LifeAtPromon & the latest jobs.
Partners Become a partner & deliver app security.
Press Your source for all things Promon.
We're hiring!
We're changing the world, one app at a time. Will you help us?
View open roles
Resources
App sec library
All resources Explore The Mobile App Security Library.
Customer stories Find out how the world's leading brands stay secure.
Webinars & events Meet peers (& Promon) online & around the world.
Ebooks & whitepapers Dive into the finer points of app shielding.
Knowledge Centre Where app security meets Promon tech.
Blog Keep up with app sec news & developments.
Tools & games Research, calculate, or just have some fun!
Glossary Understand critical app sec terminology.
Live webinar
Breaking & defending mobile apps: Prevent reverse engineering in the age of AI
Register now
Book a meeting
Protect app data

Uncompromising security. Even on compromised devices.

Promon Asset Protection™ provides advanced asset protection software that secures sensitive app data, preventing unauthorized access to session tokens, personal information, and API keys.
Book a meeting Why choose us?
Promon Asset Protection - Website header (3_2 aspect ratio, _250kb)

  • Fortify data and content-Icon

    Protect sensitive app data with ease

    Store your app secrets securely, even on compromised devices. Prevent unauthorized access to session tokens, personal data, API keys, and more.

  • App-Shielding_1-icon

    Stop static and dynamic attacks

    Static app secrets like API keys are encrypted and dynamically decrypted only when needed, minimizing the risk of extraction.

  • Checkmark-icon

    Simplify security for your development team

    Your team doesn’t need to have cryptography expertise. Promon’s solutions are easy to integrate and designed for developers.

  • build-trust-with-users-regulators

    Build trust with users and regulators

    Enhance app security to prevent data breaches, reduce regulatory fines, and boost user confidence in your brand.

In a nutshell

What is Promon Asset Protection™?

Promon Asset Protection™ secures sensitive app data and secrets through two modules: Secure Local Storage (SLS) and Secure Application ROM (SAROM). Together, they safeguard static and dynamic data against modern threats, protecting your business and your users.
Man smiling while looking at his mobile phone with icons showing secured files.
  • Secure sensitive data even on rooted or jailbroken devices.
  • Ensure API keys, certificates, and session tokens are encrypted and protected in the published app and/or the device.
  • Benefit from cross-platform support for Android, iOS, and Windows.
  • Leverage proven white-box cryptography and RASP technology.
Book a meeting
Discover what's possible with Promon Asset Protection™.
Get in touch

How Promon Asset Protection™ works

SAROM
SAROM protects information built into your app, like API keys or certificates, before the app is published. This keeps attackers from extracting valuable data, even if they get access to the app’s internal files. SAROM doesn’t depend on any device-specific features.
SLS
SLS protects data stored on the device, like session tokens. It generates unique encryption keys using app- and device-specific inputs. If available, hardware features like Android Keystore or iOS Keychain add extra protection, but SLS remains secure even on rooted or jailbroken devices through strong software-based safeguards.

What sets Promon Asset Protection™ apart?

Adaptable security on any device

Promon Asset Protection™ delivers resilient, device-agnostic protection, even on compromised devices. It uses a flexible approach that leverages hardware-backed security features where available, while also ensuring strong protection on devices without such support.
Download the SAROM brochure Download the SLS brochure
  • Takes advantage of hardware-based security (like Android Keystore or iOS Keychain) in SLS when possible, but works just as well without it.
  • Secure by design with advanced software-based protections to keep data safe in any environment, even on rooted or jailbroken devices.
Promon-Asset-Protection_Comprehensive-security-on-any-sevice

Effortless integration for developers

Save time and reduce complexity with ready-to-use APIs and reference code. Promon simplifies the integration process, enabling developers to focus on innovation without being bogged down by security challenges. The installation tool automates critical tasks, ensuring that even teams with limited security expertise can effectively protect app data.
  • No cryptographic expertise required.
  • Automatic encryption of app assets.
Promon-Asset-Protection_Effortless-Integration

Proven protection backed by EMVCo certification

Leverages proprietary white-box cryptography that meets EMVCo certification standards, offering robust protection for sensitive app data. This approach ensures not only compliance but also enhances the app’s resilience against attacks. By securing encryption keys and safeguarding in-app operations, you access an unmatched layer of security that is trusted across industries.
Get the EVMCo certification for payments guide
  • Ensures encryption keys are never exposed.
  • Reduces the risk of key extraction through reverse engineering or runtime attacks, as keys are dynamically derived at runtime.
  • Enhances operational integrity for sensitive applications.
Promon-Asset-Protection_Proven-Protection

How Promon Asset Protection™ empowers your team

For leadership teams

Minimize risks, protect your brand, and ensure compliance with ease. Promon Asset Protection provides the assurance your organization needs to prevent data breaches and regulatory fines.
Promon-Asset-Protection-Leadership-teams_1

For security and development teams

Simplify your workflow with easy-to-implement solutions that require no cryptography expertise. Focus on building great apps while we handle the security.
Promon-Asset-Protection-Dev-Security-teams

For product management teams

Ensure your app meets user expectations for privacy and security. Protect sensitive data and build trust in your product with proven effective solutions.
Promon-Asset-Protection-product-management-teams_3

Extend Promon Asset Protection™ with ease

A suite of tools developed to shield your apps, your organization, and your users.

Ready to make sensitive app data security a priority

Download the brochures for Secure Local Storage (SLS) and Secure Application ROM (SAROM) to see how Promon Asset Protection™ can protect mobile app data.
Get the SLS brochure Get the SAROM brochure

Discover Promon for your industry

Explore how Promon Asset Protection™ protects sensitive app data across finance, gaming, streaming, healthcare, and more.

Finance

Detect and prevent fraudulent transactions in real-time, safeguard user authentication, and generate compliance reports with ease.
Learn more

Gaming

Keep cheaters, hackers, and pirates from wrecking your game. Our advanced protection ensures fair play, secure transactions, and a winning experience for your players.
Learn more

Retail and e-commerce

Protect sensitive customer data, secure transactions, and ensure compliance with robust mobile retail app security solutions.
Learn more

Healthcare

Safeguard patient data, prevent unauthorized access, and ensure compliance with advanced security solutions tailored to healthcare.
Learn more

Payments

Secure payment apps, combat fraud, and ensure compliance with robust, user-friendly security solutions for mobile payment systems and mobile wallets.
Learn more
FAQ

Your questions answered

What platforms does Promon Asset Protection™ support?

It supports Android, iOS, and Windows.

Can Promon Asset Protection™ secure rooted or jailbroken devices?

Yes, it’s designed to protect sensitive data even on compromised devices.

Do I need cryptography expertise to use Promon’s solutions?

No, Promon provides easy-to-use APIs and reference code to simplify integration.

How does Promon Asset Protection™ protect API keys?

When using SLS, API keys are dynamically encrypted and dynamically decrypted when Promon SHIELD® is asked to do so. When using SAROM, assets are encrypted during the integration of SHIELD and decrypted dynamically when SHIELD is asked to do so.

Is hardware-backed storage required?

No. Secure Local Storage (SLS) uses hardware-backed features like Android Keystore or iOS Keychain if available, but they’re not required. These features help protect a random value that contributes to device binding. The actual encryption keys are derived using multiple layers of entropy and are always protected by white-box cryptography.

Why not rely entirely on hardware-backed keys?

Relying solely on hardware-backed keys isn't enough, especially on rooted or jailbroken devices. Attackers can invoke cryptographic operations without needing to extract keys. Promon strengthens protection by using white-box cryptography, obfuscating keys and logic so they can't be extracted or misused, even on compromised devices.

Can Promon help with compliance?

Yes, using Promon’s solutions can demonstrate best-in-class security to auditors and regulators.

What’s the difference between SLS and SAROM?

SAROM protects static or global assets, like API keys and certificates, in the published app. SLS protects assets like session tokens on the device.

How does Promon ensure data remains secure?

Data is encrypted using AES-256 GCM. Cryptography keys are protected by our white-box cryptography solution. SLS also uses device-specific, on-device generated keys.

Ready to get started?

Let's discuss how you can protect both static and dynamic app data, even on compromised devices.
Book a meeting