π App Security SDK for Flutter
App Security SDK is a Flutter plugin that helps you secure your application by detecting unsafe environments like rooted/jailbroken devices, cloned apps, piracy, debugging, and more. It also validates the appβs integrity, detects VPN usage, and ensures the app is installed from trusted sources.
π· Screenshots
β Android Permissions
If you want to access IMEI (available only on Android versions below 10), you need to add the following permission in your AndroidManifest.xml:
<uses-permission android:name="android.permission.READ_PHONE_STATE" />
β οΈ On Android 10 (API 29) and above, IMEI access is restricted for privacy reasons, so this feature will return null on newer devices.
β¨ Features
-
β Root/Jailbreak Detection Detect if the device is rooted (Android) or jailbroken (iOS).
-
β VPN Detection Identify active VPN connections for network safety.
-
β Real Device Check Ensure the app runs on a real device and not on an emulator/simulator.
-
β Developer Mode & Debugging Check Detect whether the device is in developer mode or being debugged.
-
β Piracy Detection Validate app integrity and detect pirate apps using Kevlar.
-
β Install Source Verification Ensure the app was installed from trusted sources like Play Store, App Store, or TestFlight.
-
β Clone Detection Detect cloned or dual apps using sandbox validation.
-
β Device Identifier Access Fetch Device ID (Android ID) and Identifier for Vendor (iOS).
π¦ Installation
Add the package to your pubspec.yaml:
dependencies:
app_security: ^latest_version
dependencies:
flutter pub get
π Usage
Import the package:
import 'package:app_security/app_security.dart';
β Root/Jailbreak Detection
bool isRooted = await AppSecurity.isUseJailBrokenOrRoot();
π Check VPN Usage
bool vpnActive = await AppSecurity.isDeviceUseVPN();
π‘οΈ Validate App Environment
List<String>? issues = await AppSecurity.isSafeEnvironment();
print(issues); // e.g., ["JAILBREAK", "VPN_ACTIVE"]
π² Get Device ID
String? deviceId = await AppSecurity.getDeviceId();
π Check Install Source
String? source = await AppSecurity.installSource();
print(source); // e.g., "playstore", "appstore", "testflight"
π Open developer Options
String? source = await AppSecurity.openDeveloperSettings();
π Detect Cloned App
bool isCloned = await AppSecurity.isClonedApp();
π Add a Window Flag
import 'package:app_security/window_flags.dart';
bool isCloned = await AppSecurity.addFlags(WindowFlags.FLAG_SECURE);
π Clear a Window Flag
import 'package:app_security/window_flags.dart';
bool isCloned = await AppSecurity.clearFlags(WindowFlags.FLAG_SECURE);
π‘ Supported Platforms
- β Android: Uses Kevlar for root and piracy detection.
- β iOS: Implements native checks for jailbreak, VPN, and integrity.
π οΈ Customization
- Configure allowed installers: Play Store, App Store, TestFlight.
- Extend detection for enterprise distribution or sideloaded apps.
π License
This project is licensed under the MIT License. See the LICENSE file for details.
π¬ Contributing
Feel free to submit issues or pull requests. Contributions are welcome!
π Author
Made with β€οΈ by Deepak.