All App Developers Have the Right to Protect Their Apps

2014.10.21

“Regardless of financial means, all application (app) developers have the right to protect their works. Lockin Company is trying to create an environment where everyone in the mobile app business can receive protection for the works they create.”

Myoung Kyu Choi, CEO of Lockin Company, emphasized that anyone needs a solution that can easily and inexpensively protect their mobile apps, and that they will solve this problem.

Recently, as the mobile app business has become active in Korea, the movements of attackers targeting it have also become more intense. The spread of mobile malicious apps is increasing the financial damage to individual users, and developers are suffering losses such as intellectual property rights infringement and damage to their corporate image due to source code theft.

In fact, an incident occurred early this year where a popular domestic mobile game, ‘I Love Coffee’, was copied as is. ‘Coffee Lover’, which is currently in service in China, was investigated for illegally using and developing the original source code of I Love Coffee.

In addition, there are countless cases of hacking the payment module of mobile games to illegally obtain game money. Last year, a mobile game company exceeded 100 million won in game item sales within 6 hours of the game’s release, but the actual normal transaction did not even reach 5 million won. It has already been widely reported that the damage was caused.

CEO Choi pointed out that the protection of the source code is the most important. He explained that the source code is the core of intellectual property rights that the developer’s blood and sweat are all absorbed into. Therefore, CEO Choi claims that the first step to protecting the app is to protect the source code.

He said, “The root of all hacking starts with the source code being visible,” and “If the source code is visible, you can know how it works, which can lead to tampering. It is good to prevent tampering, but the most urgent thing is to make the source invisible. Source code exposure is like a person walking around the street naked,” he said.

However, it seems that there has not been much investment in protecting source codes in Korea yet. Most apps developed by public institutions or startups have inadequate source code protection measures, and only some apps being serviced by financial institutions and large corporations have obfuscation applied.

Choi explained, “Hacking techniques that started on PCs have gradually become more advanced over time, and security techniques have also developed along with them. However, the situation is different for mobile devices. Advanced hacking techniques have been transferred to mobile devices, but mobile security techniques are still in their infancy.”

Choi pointed out that the obfuscation process alone can never safely protect source codes. This is because of the inherent strengths and weaknesses of the Java language. Choi claims that even if obfuscation is applied, there is a risk that modules or resources used in app development can be exposed to malicious users if decompiled (re-extracting source code from package files).

He said, “For apps used on PCs, source obfuscation alone can be effective. “Even if decompiled, it is not easy to steal it because it comes out as machine language,” he said. “However, in the case of Java used for Android app development, even if it is obfuscated, the main source code is all exposed. That is why I argue that a paradigm shift is necessary.”

Of course, there are already solutions on the market that can protect source codes. The problem is the price. The price of the solution is in the tens of millions of won, and maintenance is done through an annual contract, so the cost is not small. The reality is that it is not easy for startups with insufficient funds to apply this.

Lockin Company emphasized that it wants to help startups that cannot protect their source codes due to lack of money. The company recently launched a cloud-based mobile app source code protection service, LIAPP(LOCKIN APP PROTECTOR). This service has various charging systems such as one-year and one-time, so anyone can use it inexpensively.

CEO Choi said, “We judged that it would be most cost-effective if source code protection could be provided in the form of a service. This also took into account the life cycle of recent mobile apps,” and added, “I think that all developers should be able to protect their works. “This is our business goal,” he reiterated.