• Android package issue

• Improved emulator detection to correctly support third-party emulators (e.g., BlueStacks).
• SSL certificate pinning fixed to use RFC 7469–compliant SPKI public key hashing (existing pins must be regenerated).

⚠️ Migration Required #

SSL Pinning: All certificate pins must be regenerated using:

openssl s_client -connect api.example.com:443 -servername api.example.com </dev/null 2>/dev/null | \
  openssl x509 -pubkey -noout | \
  openssl pkey -pubin -outform der | \
  openssl dgst -sha256 -binary | \
  openssl enc -base64

iOS VPN Detection: No migration needed - automatic security improvement

🎯 Compliance #

• SSL Pinning now compliant with RFC 7469 (Public Key Pinning)
• iOS VPN detection follows OWASP Mobile Security Guidelines
• No sensitive information logging in production builds

• Fixed false positive VPN detection on Xiaomi/Redmi and Vivo devices
  • Removed rmnet_data and ccmni from VPN interface detection (standard mobile data interfaces)
• Fixed false positive root detection on MIUI and FunTouch OS devices
  • Removed /data/adb/modules from Magisk check (can exist without root)
  • Fixed checkRWSystem() to use precise mount line parsing

• Initial release
• Play Integrity API support (Android)
• App Attest support (iOS)
• Root/Jailbreak detection
• Emulator/Simulator detection
• Anti-debugging protection
• Hooking framework detection (Frida, Xposed, Substrate)
• App signature verification
• SSL Certificate Pinning
• String encryption utilities
• SecurityGate widget
• Native C security layer (Android)