
What are the security risks if your app is used on a jailbroken/rooted device?

TL;DR: Jailbreaking (iOS) and rooting (Android) let users bypass important security restrictions, which can compromise the security posture of your app. Risks for mobile apps include hacking, piracy, and loss of unprotected user data. Industries like finance, banking, and healthcare whose apps are accessed on jailbroken/rooted devices are vulnerable to data breaches leading to PR crises, high fines, and potentially lost revenue. Median’s Jailbreak/Root Detection native plugin helps developers protect their apps from running on compromised and insecure devices, ensure compliance, and prevent unauthorized access.

In a nutshell: Jailbreaking/rooting a device bypasses important security measures meant to protect apps and their data, exposing security threats that can put your app (and your business) in danger.

On a jailbroken/rooted device, apps may be exposed to malicious actors who can access and compromise their data. This poses a serious risk of data breach and loss of intellectual property, and can lead to downtime and lost revenue.

Developers can take steps to protect themselves (and detect bad actors) via Median’s Jailbreak/Root Detection native plugin. Read more to learn what it is — and how to integrate it into your app — below.


What does jailbreaking/rooting a device mean?

‘Jailbreaking’ and ‘rooting’ both refer to users unlocking the ability to bypass restrictions imposed by their device’s operating system.

Jailbreaking is specific to removing software restrictions imposed by Apple for iOS devices (iPhones and iPads). On jailbroken devices users can install apps from “unofficial” app stores that have not been approved by Apple, customize their device’s interface, and access and modify system files that are otherwise restricted or inaccessible.

Rooting is the Android equivalent of jailbreaking. On a rooted device users can modify system files, install apps that are otherwise restricted, and even replace the entire operating system with custom Android images.

What are the security risks involved with jailbreaking/rooting a device?

Jailbreaking/rooting a device poses a high security risk and results in serious challenges for companies that offer apps. Here are some of the risks when your app runs on a jailbroken or rooted device:

  • Data breach: A jailbroken/rooted device may have software running that enables malicious actors to steal sensitive user and app data, resulting in legal repercussions and financial burdens.
  • Risk of piracy: App users can bypass the verification of in-app purchases and subscription models, causing app developers who profit from in-app purchases to lose significant revenue.
  • Intellectual property theft: Jailbreaking can make it easier for malicious actors to reverse-engineer apps, which leads to theft of proprietary code, algorithms, and other intellectual property.
  • Brand crisis: A security incident resulting from your app being used on jailbroken/rooted devices can negatively impact the perception of your brand, and trust in your business and app offerings.
  • Customer support burden: Some users who unknowingly purchased a second-hand jailbroken/rooted device may install your app and face issues that cause them to submit support requests or negative reviews, not realizing the issue is their own compromised device.

How do the security risks of a jailbroken/rooted device affect your industry?

Is the risk of apps running on jailbroken/rooted devices more of a concern for some industries than others? While all app developers should take note, the following industries present specific risks:

  • Banking and finance: Financial institutions like banks rely on mobile platforms to provide services such as online banking and mobile payments. With a jailbroken/rooted device, user data and financial transaction data can be compromised, posing a high security and legal risk. 
  • Healthcare: Health apps often handle sensitive medical data. A jailbroken/rooted device can risk exposure of that data, potentially compromising patient privacy and compliance with legal regulations set by local governments.
  • Retail and e-commerce: A jailbroken/rooted device can lead to the exploitation of retail apps that store data and process payments, potentially risking the breach of credit card and finance data, enabling fraud. 
  • Media and entertainment: Streaming apps such as Netflix, Hulu, Disney+ could be affected by jailbroken/rooted devices because bad actors can compromise the Digital Rights Management (DRM) controls, and access video content that is otherwise restricted. 
  • Gaming: Gaming apps on a jailbroken/rooted device could allow users to modify in-game features, bypass in-app purchases, and circumvent game rules, which could affect gameplay for other players, credibility of the game, and the financial model.

How can you prevent your app from running on a jailbroken/rooted device?

There is good news for app developers concerned about the serious consequences of their apps operating on insecure devices. The risks can be avoided with a simple and easy solution: Median’s Jailbreak/Root Detection native plugin.

The Jailbreak/Root Detection plugin is an add-on created by Median experts that can be integrated into your app to detect whether an iOS device is jailbroken or an Android device is rooted. 

If a device is jailbroken/rooted, the app will automatically add a query parameter to the requested URL, so your development team can identify compromised devices, develop the user experience for such devices, and educate the user about their potentially unsupported device.

This plugin is important in maintaining the security and integrity of your mobile app, especially apps handling sensitive data in regulated industries (banking, financial, healthcare, etc).

The Jailbreak/Root Detection native plugin is powered in part by proven open source libraries, including the DTTJailbreakDetection library for iOS and the rootbeer library for Android. It uses advanced detection techniques, including analysis of binaries, apps, and URL protocols, to offer a strong level of protection that will pass compliance requirements.

Key features of Median’s Jailbreak/Root Detection plugin include:

  • Effective app security: Protect your app and its backend systems from data breaches and unauthorized access by detecting and preventing access from jailbroken/rooted devices.
  • Compliance assurance: Meet compliance requirements by providing a validated and reliable means to identify compromised devices.
  • Flexible enforcement action: Choose to display a warning message, log analytics events, or completely disable access from jailbroken/rooted devices.


What are the steps required to add Median’s native Jailbreak/Root Detection plugin into your app?

By now you may be wondering how to natively integrate this plugin into your app. Simply take the following steps:

Step 1: Contact Median’s support team to integrate the plugin into your app. To do this, go to your Median account, select your app, and use the “Contact Us” button, which opens the widget:

A widget pop up on your app after the Jailbreak/Root Detection native plugin is added.
Source: Median

Then, use the “Send message” option to integrate the plugin into your app:

A screenshot showing the "Send message" button on the Median platform.

Step 2: After integrating the plugin into your app, make sure it is activated. To do this, go to your app, select the plugin, and click ‘Enable’.

Step 3: Once the plugin is enabled, proceed to rebuild your app. To do this, select the relevant app and initiate the rebuild from the /build page.

Step 4: After rebuilding your app, you can verify if the device is jailbroken or rooted by checking the initial URL for the rootDetected query parameter. If a jailbroken or rooted device is detected, the URL query parameter rootDetected=true will be included. 

You can see in the demo example below, that a message is displayed based on the query parameter added by the plugin.

A screenshot showing Median's Jailbreak/Root Detection native plugin in action.

Summary

Jailbreaking on iOS and rooting on Android enable app users to bypass their device’s security restrictions, allowing them to download apps from sources other than the respective app stores and to modify system files.

These compromised devices pose a high threat to your app’s security because a jailbroken/rooted device is prone to data loss through hacking and piracy.

Median’s Jailbreak/Root Detection native plugin allows app developers to reduce risk by detecting whether a device is jailbroken/rooted. It provides a toolkit to design compliance methods and can help you prevent unauthorized access from insecure devices that may lead to a data breach.


Frequently asked questions

What happens when the plugin detects a jailbroken/rooted device?

When the app launches, if the app detects a compromised device, it will load the initial URL with an additional query parameter, which may be either rootDetected=true or isRooted=true. For example, instead of loading https://example.com/, the app will load https://example.com/?rootDetected=true.

This parameter can then be used to effect the desired action such as disabling the user’s account, preventing app access, etc.
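One way a backend could act on the flag described in Step 4 and in the answer above, shown as an added example that is not Median's code. The parameter names come from this article; the POLICY setting, the session object and the function names are assumptions made for the illustration.

```javascript
// Added example: server-side handling of the plugin's launch-URL flag.
// Parameter names are from the article; everything else is assumed.
const FLAG_PARAMS = ["rootDetected", "isRooted"];

// Enforcement options the article lists: warn, log, or block.
const POLICY = { action: "block" }; // assumed app-level setting

// True when the launch URL carries either flag set to "true".
function hasRootFlag(rawUrl) {
  const url = new URL(rawUrl);
  return FLAG_PARAMS.some((name) =>
    url.searchParams.getAll(name).some((v) => v.toLowerCase() === "true")
  );
}

// Map the recorded device state to one of the enforcement actions.
function decide(session, policy = POLICY) {
  if (!session.compromisedDevice) return "allow";
  switch (policy.action) {
    case "warn": return "show-warning";
    case "log": return "allow-and-log";
    default: return "deny"; // unknown policy values fail closed
  }
}

// Only the initial URL is flagged, so the result is stored in the
// server-side session; later page loads will not carry the parameter.
function handleLaunch(rawUrl, session, policy = POLICY) {
  if (hasRootFlag(rawUrl)) {
    session.compromisedDevice = true; // sticky: later requests never reset it
  }
  // Drop the flag from the URL so it does not end up in links or bookmarks.
  const url = new URL(rawUrl);
  FLAG_PARAMS.forEach((name) => url.searchParams.delete(name));
  return { redirectTo: url.toString(), decision: decide(session, policy) };
}

// Constructed sample requests (not real traffic).
const session = {};
const first = handleLaunch("https://example.com/?rootDetected=true&ref=a", session);
const later = { decision: decide(session) }; // a later navigation, no flag
console.log(first, later);
```

Because the flag arrives in a client-supplied URL, the example records it as a risk signal when present and does not treat its absence as proof that a device is clean.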

What are the negative impacts of jailbreaking or rooting a device?

Jailbreaking or rooting a device can compromise its security, making it vulnerable to malware and unauthorized access which can result in data loss to a bad actor. It can also lead to system instability, causing apps to crash or malfunction.

How does jailbreaking or rooting affect device performance and warranty?

Jailbreaking or rooting can negatively affect a device's performance by introducing bugs and reducing system stability. It also voids the warranty — manufacturers are not obligated to provide support or repairs for devices that have been altered in this way.

*DISCLAIMER: This content is provided solely for informational purposes. It is not exhaustive and may not be relevant for your requirements. While we have obtained and compiled this information from sources we believe to be reliable, we cannot and do not guarantee its accuracy. This content is not to be considered professional advice and does not form a professional relationship of any kind between you and GoNative.io LLC or its affiliates. Median.co is the industry-leading end-to-end solution for developing, publishing, and maintaining native mobile apps for iOS and Android powered by web content. When considering any technology vendor we recommend that you conduct detailed research and “read the fine print” before using their services.*