onTamperDetected is executed when running on physical device

[neroaCu]

Hi,

Can you tell me under what conditions this plugin would detect it as a tampering case?

I enabled this onTamperDetected feature in android and found that it was invoked on a physical device (developer mode is enable) and simulator as well. Is this expected behaviour? for example, it restricts the app must be download from google/Apple Store?

Or does it means I did something else wrong? like the expectedSigningCertificateHash is wrong?

Please help. Thanks

[talsec-app]

Hello,

application is considered tampered if it has incorrect package name or if it was signed/resigned with an unknown signing key (signing certificate mismatch). If the application is installed from an untrusted application store, onUntrustedInstallationDetected is triggered. Please verify, that your expectedSigningCertificateHash is correct. You can use this link for Base64 -> Hex conversion: https://base64.guru/converter/decode/hex
We will try to add expectedSigningCertificateHash checks to the next version of Talsec.

Talsec Team