Objective
This is a crisp integration documentation to plug ShieldSquare *Radware Bot Manager Android SDK directly into your Android App to protect your API servers from the malicious bots originating from Mobile App.
Info |
---|
*ShieldSquare is now Radware Bot Manager |
Prerequisite & Compatibility
- Ensure you have created an account in ShieldSquare Admin Dashboard in Radware Bot Manager portal before getting started
- Ensure you have already integrated ShieldSquare integrated Radware Bot Manager at your Web server or Application server
- Operating System Supported: Android 4.3 or above
- Device supported : Smartphones &Tablets
- Android studio version supported: 2.3 or above
...
- When your mobile app makes a REST call to your server/API, the data request is sent to ShieldSquare to Radware Bot Manager connector integrated at your Origin/Web server. In parallel, ShieldSquare Radware Bot Manager SDK asynchronously collects data and sends to ShieldSquare Radware Bot Manager bot engine for analysis. Data consists of device device details (characteristics, orientation & acceleration) and behavioral details (events: buttons clicked, ads clicked, articles read/shared/liked, comments posted, screens viewed, purchases made, levels completed etc.,) based on your business logic from the interactions of the user with your Mobile App.
- ShieldSquare Radware Bot Manager connector sends the data to the ShieldSquare the Radware bot engine via ShieldSquare via Radware Bot Manager endpoint (deployed across the world using the global load balancer for minimal latency).ShieldSquare bot Radware bot engine analyses the data from the endpoint and responds with appropriate action to humans and bots.
- Your origin/web server either sends the requested App data to the user or challenge with CAPTCHA or block the page based on the response from ShieldSquare Radware Bot Manager. ShieldSquare Radware Bot Manager SDK has the capability to render in-app CAPTCHA / Block page.
...
Info |
---|
|
Integration steps
- Integrate ShieldSquare Integrate Radware Bot Manager SDK into your project
- Configure the ShieldSquare the Radware Bot Manager SDK
- Test and release your application
1.
...
Integrate Radware Bot Manager SDK into your project
a. Unzip the package ss2_android_sdk_vx.x.x.zip which would contain ss2_android_sdk_vx.x.x.aar file.
b. Import ShieldSquare Import Radware Bot Manager SDK as a module by choosing File > New > New Module >Choose ‘Import .JAR/.AAR’ and locate the downloaded 'ss2_android_sdk.aar'.
...
c. Add the following dependencies to your app-level build.gradle file. This dependency is to add Cookie storing capability to your App ( if it doesn't have already) to help ShieldSquare help Radware Bot Manager to set four first-party cookies to identify patterns of the user interactions.
Code Block | ||||
---|---|---|---|---|
| ||||
. . . . . . implementation 'com.android.support:design:27.1.1' implementation 'com.squareup.retrofit2:retrofit:2.4.0' implementation 'com.github.franmontiel:PersistentCookieJar:v1.0.1' implementation 'com.squareup.retrofit2:converter-gson:2.4.0' implementation 'com.google.android.gms:play-services-safetynet:15.0.1' implementation project(':ss2_android_sdk') . . . . . . |
Info |
---|
If you encounter this error : Failed to resolve : com.github.franmontiel:PersistentCookieJar:v1.0.1
|
2.
...
Configure Radware Bot Manager SDK
a. Initialize the ShieldSquare the Radware Bot Manager SDK in your application file as below. Use code block 1 if you want to initialize Text CAPTCHA, use code block 2 if you want to initialize Google reCAPTCHA.
...
Code Block | ||
---|---|---|
| ||
//use this to initialize Google reCAPTCHA private final String SUBSCRIBER_ID = "XXXX" ; private final String SAFETY_NET_API_SITE_KEY = "Your-Recaptcha-Site-Key" ; //required if you want to use Google reCAPTCHA private final String DOMAIN_VERIFY_ON_SERVER = "Your-Recaptcha-Verification-Domain" ; //required if you want to use Google reCAPTCHA . . . . . . ReCaptcha reCaptcha = new ReCaptcha.Builder() .setSiteKey( SAFETY_NET_API_SITE_KEY ) .setServerVerificationDomain( DOMAIN_VERIFY_ON_SERVER ) .build(); ShieldSquare shieldSquare = new ShieldSquare.Builder( this ) .setCaptchaOption(reCaptcha) .setSubscriberID( SUBSCRIBER_ID ) .setShieldSquareServiceUrl("https://cas.avalon.perfdrive.com/") .build(); shieldSquare.setUserId("your-user-id"); . . . . . . |
Info |
---|
|
...
Info |
---|
Above code will intercept all responses received by the retrofit engine, enables cookie setting on the app and takes action based on the response from the Server. |
c. To collect events data, insert below analytics snippet whenever there is an event triggered in your app (Eg: App open, User signed in, Pages/screens viewed, an article read/liked/shared/commented, app version updated etc.,). ShieldSquare Radware Bot Manager collects the events data in a batch process in fixed time intervals.
Code Block | ||
---|---|---|
| ||
String eventName="login_success"; String screenName=getTitle().toString(); JSONObject eventParams = new JSONObject(); eventParams.put("value", "test"); eventParams.put("sessionId", "1234-1234-1234"); ShieldSquare.trackEvents(eventName, screenName, eventParams); |
...
Once the complete functionality of the mobile app with Shieldsquare with Radware Bot Manager integration is tested in the staging environment, you can go ahead and release your production project App in Google Play.
...