Appdome, the leader in securing mobile apps, has announced the launch of IDAnchor™, the world’s first Customer Identity Protection (CIP) solution designed specifically for the mobile ecosystem. IDAnchor™ fingerprints every app release, installation, and device involved in accessing, logging in, or transacting within mobile apps—creating a cryptographically bound, tamper-proof chain of trust.
By combining these immutable identifiers with real-time threat signals, Appdome enables mobile brands to trigger security alerts and detect suspicious activity from unrecognized devices, helping protect CIAM, IDV, and other identity-based services in mobile applications.
“Successful authentication doesn’t always mean it’s a trusted user or transaction,” said Tom Tovar, Co-Creator of Appdome. “Mobile brands need visibility into whether logins or identity actions are occurring on legitimate devices and installs. IDAnchor makes that possible.”
What Is Customer Identity Protection (CIP)?
Customer Identity Protection (CIP) adds a critical security layer around identity-related operations in mobile apps—ensuring that identity assertions are not made from compromised or impersonated environments.
While traditional mobile identity systems assume a secure environment, the reality is that attackers often exploit fake devices, tampered operating systems, or malware-infected sessions to hijack accounts or spoof legitimate users. CIP tracks the true source of identity throughout the user journey—monitoring the mobile app, device, installation, and session in real time.
By doing so, it can detect if any part of this value chain is compromised or manipulated—safeguarding against on-device threats, spyware, deepfakes, and more.
IDAnchor™: A Breakthrough in Mobile Identity Assurance
Unlike traditional, static methods of device binding, IDAnchor™ establishes a dynamic, cryptographically sealed chain of trust across the full mobile app lifecycle—from development through deployment and user interaction.
IDAnchor fingerprints every:
DevOps workspace
App release
Installation
Device
Session
Each fingerprint is resilient to device resets, OS upgrades, and fraud techniques such as device cloning, app spoofing, and Trojanized installations.
When this trust chain is broken, mobile brands are immediately alerted—empowering them to trigger real-time sign-in alerts, step-up authentication, or session blocking. Just like Apple or Google, mobile brands can now ask, “Is this you?”—protecting users from fraud and account takeovers (ATOs) across all mobile verticals, from fintech and healthcare to ride-sharing and gaming.
“IDAnchor gives brands a real-time view into whether the device, session, and environment are trustworthy at every step,” said Avi Yehuda, Appdome CTO and Co-Creator.
Built-In Threat Intelligence for Mobile Identity
IDAnchor integrates over 400 threat signal detections to provide unparalleled protection against advanced mobile threats, including:
Deepfake login attempts
Synthetic account creation on spoofed devices
Ad fraud via install/re-install abuse
Emulator farms mimicking real users
Referral program exploitation through device ID manipulation
Trojan app scams and social engineering
Geo-fraud using spoofed GPS and IP cycling
On-device fraud via stolen credentials or cloned devices
“Without CIP, any device can pass authentication—even if it’s fake,” said Chris Roeckl, Chief Product Officer at Appdome. “IDAnchor changes that by validating the actual source of identity inside the app.”
Key Features of IDAnchor™
- DevOps Workspace Fingerprint:
Creates a trusted root of identity from the developer environment itself. - App Release Fingerprint:
Unique release identifiers that do not reset with installs. Fully tamper-resistant. - App Install Fingerprint:
Tracks each unique installation with a reset on version change. Cannot be disabled by users. - Mobile Device Fingerprint:
Generates persistent and immutable IDs for both Android and iOS devices. - True Device Attributes:
Delivers accurate device details with every transaction or identity payload. - Anti-Spoofing & Fraud Defense:
Blocks device and vendor ID spoofing
Prevents advertising ID cycling (GAID/IDFA)
Protects against fraudulent re-installs and fake referrals
Detects manipulation of IDAnchor or any component in the trust chain
- Threat Telemetry & Intelligence:
Tracks over 400 attack types—like remote code execution (RCE), phishing, smishing, geo-fraud, and deepfakes—sending real-time telemetry to enterprise security teams.
“Identity is the new security perimeter,” said Eric Newcomer, Analyst at Intellyx. “Appdome’s IDAnchor is a breakthrough in protecting mobile identity from modern threats like AI-driven deepfakes and synthetic devices.”
Availability of IDAnchor™
IDAnchor™ is available now for all Android and iOS mobile applications. Brands can evaluate and use IDAnchor through the Appdome SDK, on-prem deployment, or cloud service.
Live Demo Opportunity:
Visit Appdome’s booth (#4746) at Black Hat USA on August 6–7 in Las Vegas to see IDAnchor in action. Or learn more and request a demo via the Appdome website.
—————————————————————————————————
About Innovation Streets:
Welcome to InnovationStreets.com! Get the latest insights from the finance and technology industries. Discover industry updates on fintech innovations, regulatory developments, industry insights, events, and collaborations between banks, insurers, and fintechs. A platform for C-level executives to submit thought leadership content for their peers. Subscribe for updates!
