Versions Compared

Old Version 9

changes.mady.by.user Md Zaid Imam

Saved on

compared with

New Version 10

changes.mady.by.user Md Zaid Imam

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Objective 

This is a crisp integration documentation to plug ShieldSquare *Radware Bot Manager Android SDK directly into your Android App to protect your API servers from the malicious bots originating from Mobile App. 


Info

*ShieldSquare is now Radware Bot Manager


Prerequisite & Compatibility 

  1. Ensure you have created an account in ShieldSquare Admin Dashboard in Radware Bot Manager portal before getting started
  2. Ensure you have already integrated ShieldSquare integrated Radware Bot Manager at your Web server or Application server
  3. Operating System Supported: Android 4.3 or above 
  4. Device supported : Smartphones &Tablets 
  5. Android studio version supported: 2.3 or above 

...

  1. When your mobile app makes a REST call to your server/API, the data request is sent to ShieldSquare to Radware Bot Manager connector integrated at your Origin/Web server. In parallel, ShieldSquare  Radware Bot Manager SDK asynchronously collects data and sends  to ShieldSquare Radware Bot Manager bot engine for analysis. Data consists of device device details (characteristics, orientation & acceleration) and behavioral details (events: buttons clicked, ads clicked, articles read/shared/liked, comments posted, screens viewed, purchases made, levels completed etc.,) based on your business logic from the interactions of the user with your Mobile App. 
  2. ShieldSquare Radware Bot Manager connector sends the data to the ShieldSquare the Radware bot engine via ShieldSquare via Radware Bot Manager endpoint (deployed across the world using the global load balancer for minimal latency).ShieldSquare bot Radware bot engine analyses the data from the endpoint and responds with appropriate action to humans and bots. 
  3. Your origin/web server either sends the requested App data to the user or challenge with CAPTCHA or block the page based on the response from ShieldSquare Radware Bot ManagerShieldSquare Radware Bot Manager SDK has the capability to render in-app CAPTCHA / Block page. 

...

Info
  • You have to be in 'Active mode' for receiving response codes for CAPTCHA/Block by configuring the responses for different categories of bad bots in 'Bot response page' in ShieldSquare admin in Radware Bot Manager portal. ShieldSquare Radware Bot Manager recommends to handle empty data when the user solves the CAPTCHA.  
  • If required, ShieldSquare bot  Radware bot engine can also be configured to send response code (CAPTCHA / Block) directly to ShieldSquare to Radware Bot Manager SDK.


Integration steps

  1. Integrate ShieldSquare Integrate Radware Bot Manager SDK into your project
  2. Configure the ShieldSquare the Radware Bot Manager SDK 
  3. Test and release your application 

1.

...

Integrate Radware Bot Manager SDK into your project 

a. Unzip the package ss2_android_sdk_vx.x.x.zip which would contain ss2_android_sdk_vx.x.x.aar file.

b. Import ShieldSquare  Import Radware Bot Manager SDK as a module by choosing File > New > New Module >Choose ‘Import .JAR/.AAR’ and locate the downloaded 'ss2_android_sdk.aar'. 

...

c. Add the following dependencies to your app-level build.gradle file. This dependency is to add Cookie storing capability to your App ( if it doesn't have already) to help ShieldSquare help Radware Bot Manager to set four first-party cookies to identify patterns of the user interactions. 

Code Block
languagejava
themeFadeToGrey
. . .
. . .
 
    implementation 'com.android.support:design:27.1.1'
     
    implementation 'com.squareup.retrofit2:retrofit:2.4.0'
    implementation 'com.github.franmontiel:PersistentCookieJar:v1.0.1'
    implementation 'com.squareup.retrofit2:converter-gson:2.4.0'
    implementation 'com.google.android.gms:play-services-safetynet:15.0.1'
 
    implementation project(':ss2_android_sdk')
 
. . .
. . .


Info

If you encounter this error : Failed to resolve : com.github.franmontiel:PersistentCookieJar:v1.0.1 

  • Open your build.gradle(Project:) file.
  • Add the following line in the 'all project' section.
    maven { url "https://jitpack.io" }


2.

...

Configure Radware Bot Manager SDK

a. Initialize the ShieldSquare the Radware Bot Manager SDK in your application file as below. Use code block 1 if you want to initialize Text CAPTCHA, use code block 2 if you want to initialize Google reCAPTCHA. 

...

Code Block
themeFadeToGrey
//use this to initialize Google reCAPTCHA 

private final String SUBSCRIBER_ID = "XXXX" ;
private final String SAFETY_NET_API_SITE_KEY = "Your-Recaptcha-Site-Key" ; //required if you want to use Google reCAPTCHA 
private final String DOMAIN_VERIFY_ON_SERVER = "Your-Recaptcha-Verification-Domain" ; //required if you want to use Google reCAPTCHA 
. . .
. . .
ReCaptcha reCaptcha = new ReCaptcha.Builder()
.setSiteKey( SAFETY_NET_API_SITE_KEY )
.setServerVerificationDomain( DOMAIN_VERIFY_ON_SERVER )
.build();
ShieldSquare shieldSquare = new ShieldSquare.Builder( this )
.setCaptchaOption(reCaptcha)
.setSubscriberID( SUBSCRIBER_ID )
.setShieldSquareServiceUrl("https://cas.avalon.perfdrive.com/")
.build();
shieldSquare.setUserId("your-user-id");
. . .
. . .


Info
  • ShieldSquare Radware Bot Manager support team will provide a unique customer ID for your account. 
  • Ensure you can configure a required response 'CAPTCHA' or 'Block' from the Bot Response page in ShieldSquare admin in Radware Bot Manager portal for different types of bots.
  • You can pass either 'textCaptcha' for TEXT CAPTCHA  or 'reCaptcha' for Google ReCAPTCHA service while initializing ShieldSquare Radware Bot Manager .
  • If you're setting up Google reCAPTCHA, select 'reCAPTCHA Android' as reCAPTCHA type.

...

Info

Above code will intercept all responses received by the retrofit engine, enables cookie setting on the app and takes action based on the response from the Server.

c. To collect events data, insert below analytics snippet whenever there is an event triggered in your app (Eg:  App open, User signed in, Pages/screens viewed, an article read/liked/shared/commented, app version updated etc.,). ShieldSquare  Radware Bot Manager collects the events data in a batch process in fixed time intervals.   

Code Block
themeFadeToGrey
String eventName="login_success";
String screenName=getTitle().toString();
JSONObject eventParams = new JSONObject();
eventParams.put("value", "test");
eventParams.put("sessionId", "1234-1234-1234");
ShieldSquare.trackEvents(eventName, screenName, eventParams);

...

Once the complete functionality of the mobile app with Shieldsquare with Radware Bot Manager integration is tested in the staging environment, you can go ahead and release your production project App in Google Play. 

...