Mobile Enforcement Verification
Using the Developer tab
The Developer tab allows you to verify that your installed SDK is running correctly and monitoring and blocking traffic as intended.
Users with Admin, Developer and Dev Tools credentials have access to the Developer tab.
Enforcement verification is applicable to both Android and iOS
Extracting Visitor ID (VID)
PerimeterX servers assign a unique visitor ID (VIDVID - A unique visitor ID, used to track a single user, based on their cookie.) to every user. In order to use the verification tool, you need to extract the VIDVID - A unique visitor ID, used to track a single user, based on their cookie. assigned to the device being used for testing.
- Access the application being tested with the device.
- Click VID Extractor (Platform Settings > Developer)to open the VID Extractor window.
- Enter the device IP address and click Search
- Note: This may take a few minutes*
- Locate your device based on the device, app and carrier attributes listed in the table, and click Select. The required parameters are automatically inserted in the relevant fields.
Simulating the Captcha Response
To verify that the app is blocking correctly:
- Click the Captcha button to flag all traffic from your device as a possible bot.
- Move the app to the background and then to the foreground to refresh the SDK token. The first request sent to your mobile app’s server will receive a 403 response with a Captcha challenge in the response body.
- By calling
PXManager.handleResponse
a Captcha page is displayed. - To clear your VIDVID - A unique visitor ID, used to track a single user, based on their cookie., you can either solve the Captcha, or click the Clear button.
When testing with a mobile emulator
As some of our detections may block mobile emulator based solving, make sure to pass the
x-px-captcha-testing
header to the request.
You can find our testing recommendations here.
Configuring an Android Emulator to use Charles Proxy
To configure your Android Emulator:
- Set the HTTP proxy settings in the Wi-Fi menu.
- In the Wi-Fi menu long press the connected network, select Modify Network, and fill in the proxy settings.
If you are running Charles Proxy on your local machine then use the local IP (not the loopback).- To intercept HTTPS requests follow the guidelines at:
https://www.charlesproxy.com/documentation/using-charles/ssl-certificates/.
In Android Nougat special permissions are required to use a certificate added to the trust store.
Clear
Click the Clear button at any point to remove the simulated mode assigned to your device. After restarting your application all traffic between your device and the server should pass.
Updated 24 days ago