Runtime Integrity Check

This page describes the Runtime Integrity Check policy.

Policy Description

The Runtime Integrity Check policy verifies the integrity of the app by calculating its checksum at runtime and comparing it with the checksum stored in the Digital.ai App Management database.

Digital.ai App Management calculates a checksum each time a new version of an app is added to Digital.ai App Management. If the checksums do not match during the Runtime Integrity Check, the app will not open and Digital.ai App Management will display a message advising the user to reinstall the app because it may not be safe to run. This ensures that a user cannot run an app that was downloaded or installed incorrectly, or compromised in some way after it was installed.

To calculate an application's checksum, Digital.ai App Management uses the SHA-256 cryptographic hash function.

The User Experience

When a user attempts to open an app with the Runtime Integrity Check policy applied, Digital.ai App Management calculates its checksum and compares it with the checksum stored in the database for that same version of the app. If the checksums match, the app opens (as long as opening is not blocked due to any other policy checks).

If the checksums do not match, Digital.ai App Management displays the following message advising the user to reinstall the app: