Lockin Company CEO Myoung Kyu Choi: “Hide Your Mobile Source Code Tightly”

2015.03.12

[Creative Economy is the Future - Myung-Kyu Choi, Lockin Company CEO] “Hide your mobile source code tightly”

Startup to overcome the reality of weak mobile security

▲CEO Myoung Kyu Choi (right) and CTO Chung Won Son of Lockin Company. Photo = Reporter Chang-Hyeon Ahn

▲ CNB Journal, CNBJOURNAL, CNB Journal

In the mobile era, countless new applications (apps) are created every day. In the Google App Store alone, an average of 100,000 new apps are introduced every month. In Korea, numerous app development startups are establishing themselves as key icons of the creative economy. In return, attackers (hackers, industrial spies, etc.) against apps are gradually revealing their identities.

Choi Myeong-gyu, CEO of Lockin Company, said, “Preventing source code leaks is the top priority in order to protect mobile apps from all threats,” and “Individuals, startups, and other developers who are relatively vulnerable to security can easily apply our security products with one click using the cloud, protecting the technology and intellectual property rights contained in the source code from attackers.” He added, “This kind of technology leak can also lead to losses in the national economy, so national attention and support are necessary.”

Mobile has a shorter history than PCs, and its security system is insufficient, so it still has many problems. Attackers who have focused on PCs are now turning their attention to mobile, which has become the mainstream.

Currently, most mobile security products released by existing security companies are merely products that were used on PCs and converted for mobile use. However, since mobile and PCs are different not only in terms of platforms but also in terms of devices, the need for security products that were developed by changing the paradigm itself from the beginning is becoming increasingly urgent.

▲Liapp Onsite Page

Based on his experience in security work at work, he started a business

CEO Choi was in charge of domestic and international work at Neowiz to defend against and respond to hacking of games. As the mobile game market grew rapidly, the variety of content increased, but security vulnerabilities also increased. A solution was needed. Someone had to do it, and since he had the confidence and thought that he would do it himself, he boldly decided to start a business.

Mobile apps are very important for portability, so the program must run stably on the device. That is why while PCs are displayed in machine language, mobile apps are displayed in source code that humans can understand. Therefore, it is easy to analyze which part needs to be hacked. Also, current security products only prevent forgery and tampering and only catch malware. However, the most important thing in securing mobile apps is to make the source code itself invisible.

“In the case of PCs, since programs must be read in machine language, only the top few percent of hackers were able to attack. However, most mobile apps, including games, implement programs based on source codes, and since the source codes are so easily exposed, anyone, even if they are not professional hackers, can read and analyze them using tools available on the market. In other words, all the technology and know-how in the source codes can be easily leaked to the outside.”

Recently, as the creative economy has become active, the number of app development startups is increasing day by day. In this situation, it is also true that developers are only focused on development and have low awareness of the security of their own developed products. Choi explains that there are surprisingly many cases where they do not know that the source codes of the apps they have developed are easily exposed to the outside, and even when they are hacked.

“If the source codes of apps that developers have painstakingly developed for 1-2 years are leaked, all the technology and know-how in them will fall into the hands of attackers. If this happens, there is a high possibility that a competitor will release the same product or a better product in about a week to a month. In particular, if they are leaked overseas, it will cause great losses to the national economy, so a government-level protection policy is necessary.”

In reality, developers are overwhelmed just creating content, so mobile app security products must be easy to apply.

▲A development meeting at Lockin Company.

Expanding Source Code Protection Technology to Overseas

Lockin Company is a group of six security experts with many years of experience. Development Director Son Chung-won, a malware expert, said, “Currently, there are many mobile-related malwares, but there are almost no media reports on them, so they are not well known. In the case of the iPhone, there are already many problems overseas due to the company’s closed policy,” and added, “We are currently focusing on Android and plan to continuously introduce more powerful products.”

CEO Choi established the company in September 2013. The goal is to release various solutions and services based on mobile app source code protection technology. He said, “We have already completed patent registration for the source code protection technology, and we started with the goal of safely protecting apps used on all devices, including PCs and mobile devices,” and added, “We are currently releasing and servicing ‘LIAPP,’ a SaaS-based source code protection service.”

It is a very technology-intensive technology, so the development period alone took nearly a year. CEO Choi dreamed of developing technology when he saw his startup friends worrying, “I’m very worried that the source code of the app we developed will be exposed. Is there any way to prevent this?” while working.

Early last year, the product development was completed, and in the middle of the year, some major financial companies began applying the product. He said that even though he didn’t advertise it specifically, he received many inquiries from overseas. Companies in South America, including Brazil, and North America, including Canada, showed a lot of interest. In particular, CEO Choi said that he felt a sense of accomplishment when a startup CEO who had advanced into China sent him feedback saying, “I was so busy with development that I didn’t have time to worry about security, but after applying Lockin Company’s security product, the results were great and I’m very satisfied.”

Lockin Company also held a prosumer event at the end of last year where people could use Reapp for free. Reapp is a service that protects Android app source codes from being stolen by attackers through decompiling, debugging, and real-time modification of app data values.

“Unlike existing app forgery prevention solutions, this is provided as a service, so even startups that cannot purchase expensive solutions can protect their intellectual property rights. Also, unlike the obfuscation solutions used in the past to protect app source codes (making the source code visible but difficult to understand), Reapp encrypts all of the app’s source codes to make them completely invisible, so it is characterized by high security.”

Finally, CEO Choi advised about starting a startup, “If you work in each field of work for more than 10 years, you become an expert. Therefore, it is very helpful to steadily gain experience at work and prepare thoroughly. In particular, for items operated as B2B, organizational experience is a very strong point.”