Real-time Malicious App Detection with AI based on a 23M+ Global App Database
Background
In today’s world, the primary device for most people is mobile, and phishing exploits this fact to be the most prominent, direct threat to users. The main method for these attacks is malicious apps disguised as legitimate ones. Users grant these apps control over their devices or leak financial information without realizing, leading to real and serious harm. Traditional detection methods were based primarily on blacklists, meaning they only identify apps that were already registered as malicious. As a result, they have structural limitations when responding to newly disguised apps or modified malware, as they lack of clear criteria for determining whether an app is legitimate.
FakeFinder is a WhiteList based detection solution created to solve this problem. It first identifies unknown apps by comparing them against a database of more than 23 million verified legitimate apps collected from global app markets, and then analyzes potential malicious behavior.With proven accuracy and low false-positive rates in the financial sector, FakeFinder is the new standard for malicious app detection.
Key Features
WhiteList based Malicious App Detection
FakeFinder builds its own WhiteList database based on the latest versions of tens of millions of legitimate apps collected from major global app markets. It first checks whether the apps installed on a user's device are included in this database to determine legitimacy. This is a fundamentally different approach from traditional blacklist-based detection.
Robust Two-Stage Detection
Apps not registered on the WhiteList undergo secondary analysis on the server for malicious actions. Malicious behavior is determined in real time by analyzing installation paths, access permissions, suspicious API calls, behavior patterns, and more. This dual-structure approach enables high detection accuracy even against sophisticated attacks such as disguised or impersonating apps.
Extremely Accurate Detections
FakeFinder is actively deployed within the Korean financial sector, achieving both the highest level of detection accuracy and the lowest false-positive rate. It is a technology recognized and actively used in the most conservative environments.
Lightweight Client API/SDK
FFakeFinder can be easily integrated into mobile apps via API or SDK. Since the detection logic runs on a cloud-based server, it uses minimum local device resources.
KB PayCase StudyKB Pay offers next-level financial security
with FakeFinder.
KB Pay Secures 5,300 Korean
Citizens
KB Kookmin Card integrated FakeFinder to its payments application KB Pay, elevating mobile security to a new level.
When FakeFinder detects a malicious app on a user's device, KB Pay immediately blocks both in-person and remote transactions, and notifies the user. As a result, 5300 users were protected just in 2022 alone.
A significant portion of the detected apps were phishing apps impersonating domestic financial institutions or government agencies—high-danger types that could easily lead to financial loss once installed. KB Pay was able to establish itself as a secure and trustworthy payment service based on fast and accurate detection, and proactive responses.
Process
AI-based Database Collects All Legitimate Apps in Real Time
Compare Known Apps with Installed Apps for Legitimacy
Detect and Block all Unknown, Malicious Apps
The Financial App Experience, Safe from Phishing
Experience Everspin
Real-time protection for the web with ever-changing security code and AI-MTD
AI-MTD security modules for mobile threats
Combine big data and credit information to root out identity fraud
Joint threat response platform for the finance industry
Block malicious SMS before they reach users
Precise diagnosis with our elite red-team.
9-12th floor, 188 Noryangjin-ro, Dongjak-gu, Seoul
(+82) 02-2135-6239pr@everspin.co.kr
© 2026 Everspin Co., Ltd. All Rights Reserved.
