Anti-Tamper Protection

Anti-tamper protection lets your application verify its own integrity at runtime and shut down the moment its code has been modified, repackaged, or patched.

  • JavaScriptJavaScript
  • AndroidAndroid
  • AppleiOS
Start free
See it in ByteHide Shield
TL;DR

Anti-tamper protection adds integrity checks to your application. While it runs, it verifies that its own code and resources match what you shipped. If an attacker has patched the binary, repackaged the app, or modified it on disk, the checks fail and the application refuses to run or degrades safely.

Definition

What is anti-tamper protection?

Anti-tamper protection is a technique that lets an application detect whether its own code has been altered since it was built. Tampering means any unauthorized modification: patching a binary to remove a license check, injecting malicious code, or repackaging a mobile app and redistributing it.

Once your application ships, it runs in environments you do not control. An attacker can open it, modify it, and run the changed version. Without integrity checks, the application has no way to know it is no longer the software you released.

Anti-tamper protection closes that gap. The application carries a record of its own legitimate state and verifies against it at runtime. If the code does not match, the application knows it has been tampered with and can respond.

Mechanism

How anti-tamper protection works

Anti-tamper protection combines several integrity techniques:

  • Code checksums. The application computes hashes of its own code and compares them against known-good values embedded at build time.

  • Signature verification. The application checks that its package signature matches the original publisher.

  • Repackaging detection. On mobile, the application detects when it has been unpacked, modified, and re-signed by someone other than you.

  • Resource integrity. Embedded resources and assets are verified so an attacker cannot swap them.

When a check fails, the response is configurable: terminate, disable sensitive features, or alert your backend.

Example

Anti-tamper example

Your application ships unchanged. What changes is whether a patched copy is allowed to run.

Without anti-tamper

An attacker patches the compiled binary to skip your license check, repackages it, and distributes the cracked version. It runs exactly like the original, minus the protection.

With anti-tamper

The same patched binary starts, the integrity check detects that the code no longer matches the original hash, and the application refuses to run.

Without anti-tamper
public void Start()
{
    License.Verify();
    App.Run();
}
With anti-tamper
public void Start()
{
    License.Verify();
    App.Run();
}

Use cases

When to use anti-tamper protection

Anti-tamper protection matters most when your application:

  • Contains licensing, payment, or authentication logic an attacker would want to remove.
  • Is distributed to devices and environments you don't control.
  • Is at risk of being repackaged and redistributed, common with mobile apps.
  • Must guarantee that the code running is the code you shipped.

It pairs naturally with anti-debugging and obfuscation: obfuscation makes the code hard to read, anti-debugging stops live analysis, and anti-tamper ensures the code has not been changed.

Platform availability

Anti-tamper protection across platforms

  • JavaScript

    Self-defending code that resists modification and reformatting.

  • Android

    Application integrity verification and repackaging detection.

  • iOS

    Tamper detection for the shipped application bundle.

Related

Related Shield protections

Frequently asked questions

What is anti-tamper protection?
Anti-tamper protection is a technique that lets an application detect whether its own code or resources have been modified since it was built, and respond by shutting down or degrading safely. It defends against patched binaries, repackaged apps, and injected code.
Does anti-tamper protection affect performance?
The runtime cost is minimal. Integrity checks are lightweight and run periodically, so legitimate users see no difference while a tampered version fails to run.
Can anti-tamper protection be bypassed?
A determined attacker can attempt to locate and disable integrity checks, which is why anti-tamper is layered with obfuscation and anti-debugging that make those checks hard to find. The goal is to make tampering impractical, not theoretically impossible.
What is the difference between anti-tamper and obfuscation?
Obfuscation makes code hard to understand. Anti-tamper ensures the code has not been changed. One protects confidentiality, the other protects integrity, and they are strongest together.
Which platforms support anti-tamper protection?
ByteHide Shield provides anti-tamper protection for JavaScript, Android, and iOS. For .NET, the equivalent integrity protections are Anti-Dump and Invalid Metadata.
10,000+ developers and companies protect their applications with ByteHide

Protect your application with
ByteHide Shield

Anti-tamper protection is one of more than 20 protections in ByteHide Shield. Apply it to your JavaScript, Android, or iOS application.

Start free
Book a demo
ByteHide runtime dashboard showing live threat monitoring and protection metrics