Uncompromising security. Even on compromised devices.
.jpg?width=900&name=Promon%20Asset%20Protection%20-%20Website%20header%20(3_2%20aspect%20ratio%2c%20_250kb).jpg)
-
Protect sensitive app data with ease
Store your app secrets securely, even on compromised devices. Prevent unauthorized access to session tokens, personal data, API keys, and more.
-
Stop static and dynamic attacks
Static app secrets like API keys are encrypted and dynamically decrypted only when needed, minimizing the risk of extraction.
-
Simplify security for your development team
Your team doesn’t need to have cryptography expertise. Promon’s solutions are easy to integrate and designed for developers.
-
Build trust with users and regulators
Enhance app security to prevent data breaches, reduce regulatory fines, and boost user confidence in your brand.
What is Promon Asset Protection™?

- Secure sensitive data even on rooted or jailbroken devices.
- Ensure API keys, certificates, and session tokens are encrypted and protected in the published app and/or the device.
- Benefit from cross-platform support for Android, iOS, and Windows.
- Leverage proven white-box cryptography and RASP technology.
How Promon Asset Protection™ works
SAROM
SLS
What sets Promon Asset Protection™ apart?
Adaptable security on any device
- Takes advantage of hardware-based security (like Android Keystore or iOS Keychain) in SLS when possible, but works just as well without it.
- Secure by design with advanced software-based protections to keep data safe in any environment, even on rooted or jailbroken devices.

Effortless integration for developers
- No cryptographic expertise required.
- Automatic encryption of app assets.

Proven protection backed by EMVCo certification
- Ensures encryption keys are never exposed.
- Reduces the risk of key extraction through reverse engineering or runtime attacks, as keys are dynamically derived at runtime.
- Enhances operational integrity for sensitive applications.

How Promon Asset Protection™ empowers your team
For leadership teams

For security and development teams

For product management teams

Extend Promon Asset Protection™ with ease
-
App shielding for iOS and Android
Secure any mobile app, at scale, in real time.
Promon SHIELD® for Mobile -
App shielding for Windows and macOS
Secure your desktop apps against static and dynamic attacks.
Promon SHIELD® for Desktop -
Protect your APIs and apps
Keep your APIs and apps protected with dynamic app attestation.
Promon App Attestation™ -
Obfuscate your app code
Protect your IP by concealing the logic and purpose of the app’s code.
Promon IP Protection Pro™ -
Secure your SDKs, supercharge apps
Integrate advanced security into your Software Development Kits (SDKs) on Android and iOS.
Promon SDK Protection™ -
Actionable analytics for mobile apps
Reduce business and security risks with actionable, evidence-backed threat intelligence.
Promon Insight™
Ready to make sensitive app data security a priority

Discover Promon for your industry
Finance
Gaming
Retail and e-commerce
Healthcare
Payments
Your questions answered
What platforms does Promon Asset Protection™ support?
It supports Android, iOS, and Windows.
Can Promon Asset Protection™ secure rooted or jailbroken devices?
Yes, it’s designed to protect sensitive data even on compromised devices.
Do I need cryptography expertise to use Promon’s solutions?
No, Promon provides easy-to-use APIs and reference code to simplify integration.
How does Promon Asset Protection™ protect API keys?
When using SLS, API keys are dynamically encrypted and dynamically decrypted when Promon SHIELD® is asked to do so. When using SAROM, assets are encrypted during the integration of SHIELD and decrypted dynamically when SHIELD is asked to do so.
Is hardware-backed storage required?
No. Secure Local Storage (SLS) uses hardware-backed features like Android Keystore or iOS Keychain if available, but they’re not required. These features help protect a random value that contributes to device binding. The actual encryption keys are derived using multiple layers of entropy and are always protected by white-box cryptography.
Why not rely entirely on hardware-backed keys?
Relying solely on hardware-backed keys isn't enough, especially on rooted or jailbroken devices. Attackers can invoke cryptographic operations without needing to extract keys. Promon strengthens protection by using white-box cryptography, obfuscating keys and logic so they can't be extracted or misused, even on compromised devices.
Can Promon help with compliance?
What’s the difference between SLS and SAROM?
How does Promon ensure data remains secure?
Explore more resources about Promon Asset Protection™

Mobile malware threats in 2025: How mobile app vendors can stay safe

Mobile banking apps: A guide to mitigating fraud

Compiler vs. wrapper vs. hybrid: An honest assessment of mobile app security approaches
