Mobile applications can be reverse engineered using readily available disassemblers and/or decompilers, making it easy for hackers to access and analyze the source code of your applications. Hackers can then:

• Steal intellectual property & clone applications
• Extract sensitive information & harvest credentials
• Identify vulnerabilities
• Add malicious code to apps & repackage them

Data of a sensitive nature may include; valuable intellectual property (such as custom algorithms), authentication mechanisms, in-app payment mechanisms, keys (API keys, hardcoded encryption keys etc.), credentials (database passwords etc.), the logic behind server communication, and much more.

There are several techniques available today to obfuscate code. These include:

Name obfuscation

The replacement of readable names in the code by difficult to decipher alternatives

Control flow obfuscation

The modification of the logical structure of the code to make it less predictable and traceable

Arithmetic obfuscation

The conversion of simple arithmetic and logical expressions into complex equivalents

Code virtualization

The transformation of method implementation into instructions for randomly generated virtual machines