Appdome Launches IDAnchor™, the First Customer Identity Protection Solution for the Mobile Economy

Appdome IDAnchor is the industry’s first Customer Identity Protection solution for mobile apps. This Appdome invention improves CIAM security and identity verification for mobile transactions by fusing threat signals with a fingerprinted trust chain.

Appdome, the leader in protecting mobile businesses, today announced IDAnchor™, the industry’s first Customer Identity Protection (CIP) solution for the mobile economy. IDAnchor fingerprints each release, installation, and device used to access, log in, and generate transactions in a mobile app. It combines this immutable chain of trust with real-time threat signals to bring sign-in alerts and unrecognized device notifications to every mobile app in the world and create a perimeter defense around Identity Verification (IDV), Customer Identity & Access Management (CIAM), and other services in mobile apps.

“Mobile brands have learned the hard way that successful authentication doesn’t mean there’s a trusted identity, engagement, or transaction in an app,” said Tom Tovar, Co-Creator of Appdome. “They also want the ability to tell when there’s unauthorized activity on an unrecognized device, application, or installation. IDAnchor solves all these challenges easily.”

What is Customer Identity Protection?

Customer Identity Protection (CIP) is the missing link needed to strengthen biometric authentication, CIAM, and IDV in mobile apps. By adding a perimeter defense around identity assertions in a mobile app, CIP ensures that no part of the value chain – the mobile app, installation, or device – has been compromised or impersonated during login, authentication, engagement, or purchasing in mobile apps.

Mobile apps and identity products often assume the integrity of the mobile environment when creating, verifying, or using customer identities in mobile apps. However, fake or compromised devices, operating systems, and accounts, as well as malware-controlled sessions, can undermine signal fidelity from the mobile environment, giving fraudsters the upper hand. CIP monitors the source of each customer identity while it’s being used by the application, installation, device, or user. Customer Identity Protection detects if any part of that value chain has been compromised or impersonated, or if there are any signs of on-device threat staging, manipulation, spyware, and other risks that can compromise biometric authentication, CIAM, IDV, Ad Attribution, and other processes in a mobile app.

IDAnchor™ is CIP for Mobile Apps

Unlike static and ephemeral device binding, IDAnchor™ creates a living, cryptographically bound, tamper-resistant chain of trust that spans the entire mobile app lifecycle. IDAnchor fingerprints the mobile DevOps workspace and each app release, installation, device, and session to enable mobile brands to bind customer identity from the point of origin, through the distribution chain, to user acquisition and use in a mobile app.

Each IDAnchor fingerprint is securely stored and built to persist across device resets, app re-installs, OS updates, and sophisticated evasion techniques, including device cloning, app spoofing, Trojan installations, and threats that target customer identity in mobile apps. If, at any time, the chain of trust is broken, brands know customer identity is at risk.

Mobile brands can now offer their users the same powerful, real-time “Is this you?” sign-in alerts made famous across Apple and Google applications. Detect sign-ins or identity assertions from unrecognized devices, apps, or installs and trigger real-time responses like user-facing alerts, step-up authentication, or session blocks. From mobile banking to social, healthcare, and ride-sharing apps, Appdome makes it possible for every mobile brand to own the ATO moment and protect users with confidence.

“IDAnchor gives brands a dynamic way to know if the source of the identity assertion can be trusted and if the user’s device, instance and environment are real, the same, unaltered, and uncompromised before, during, and after calling any identity-based service,” said Avi Yehuda, Co-Creator and CTO of Appdome.

Built-In Threat Signals for Identity Assurance

IDAnchor combines real-time threat signals with the chain of trust to solve a wide range of mobile threats, including:

• Deepfake attacks used on alternative or compromised devices.
• KYC fraud and fake account creation on synthetic, cloned, or altered mobile devices.
• Install/re-install abuse for inflating ad campaign metrics.
• Emulator farms that mimic real user engagement and devices.
• Loyalty and referral abuse from GAID/IDFA and device resets.
• Social engineering scams where users are tricked into installing Trojan versions of legitimate apps.
• Geo-fraud carried out through location spoofing, fake GPS apps, VPNs, IP cycling, and other techniques.
• Transaction and On-Device Fraud carried out by attackers using fake devices, synthetic identities, and stolen credentials.

“Without CIP, anyone or anything could successfully authenticate or engage inside an app,” said Chris Roeckl, Chief Product Officer at Appdome. “With IDAnchor™, brands can detect the full range of fraud, ATOs, and scams and get the true device attributes being used in each session.”

IDAnchor™ Feature Overview

Key features and capabilities include:

• DevOps Workspace Fingerprint – Appdome runs in DevOps. IDAnchor uses the DevOps environment to create a trusted root identifier for the mobile app.
• App Release Fingerprint – Unique Mobile App Release IDs do not change or reset based on device or install. No User Opt-Out.
• App Install Fingerprint – Each Mobile App Installation ID resets on update or upgrade. No User Opt-Out.
• Mobile Device Fingerprint – IDAnchor™ creates a unique and immutable Mobile Device ID for Android & iOS Devices. No reset. No User Opt-Out.
• True Device Attributes – With each payload, IDAnchor provides the true device attributes for each mobile device.
• Prevent Device Spoofing – Prevents modified or impersonated device attributes and bypassing probabilistic Device Identity systems.
• Prevent Vendor ID Spoofing – Prevents tampering with or rotating unique device identifiers that attribution systems or apps rely on to track installs, users, and fraud.
• Prevent Advertiser ID Cycling – Prevents attackers from rotating GAID/IDFA values to appear as unique users per fraud event.
• Protect Google/Apple Advertising ID – Monitor Google/Apple’s advertiser IDs for signs of manipulation, reuse, or substitution.
• Detect IDAnchor™ Manipulation Attempt – Send threat data and telemetry if attackers target IDAnchor™.
• Threat Signal Intelligence – Send threat data and telemetry on 400+ attack vectors including deepfakes, device spoofing, device manipulation, RCE, RAT, ATS Malware, social engineering scams, IT scams, phishing, quishing, smishing, geo-fraud and other attacks.

“Identity is the new perimeter,” said Eric Newcomer, Analyst at Intellyx. “Customer Identity Protection is more important than ever, given the advances in AI deepfakes, the rise of identity spoofing, and the use of mobile devices as an attack vector. IDAnchor from Appdome strengthens the value of CIAM, IDV and Ad Attribution by tracking the true identity of the applications and devices connecting to enterprise services.”

IDAnchor Availability

IDAnchor™ is available now for all Android and iOS applications. Mobile brands can use and evaluate IDAnchor fingerprints in the app, via an on-premise server, or cloud service.

To get a live demonstration of IDAnchor, visit Appdome at the Black Hat conference Aug. 6 and 7 in Las Vegas at Appdome’s booth (#4746). Or visit the Appdome website to learn more about Appdome IDAnchor™ and Customer Identity Protection.

Appdome IDAnchor provides mobile businesses with a real-time solution to secure customer identities, detect fraud, and elevate trust across identity-driven services.