High level monitoring for non-arm64 devices #71
Description
**Is your feature request related to a problem? **
Yes.Most real Android devices are arm64-v8a. Non-arm64 (x86/x86_64/armeabi-v7a) is mainly used by emulators, sandboxes, and reverse-engineering setups. For financial apps, this is a high-risk environment, but today ABI is only informational.
Describe the solution you'd like
Treat non-arm64 as a high-risk execution class and add:
Architecture Risk Policy – configurable actions for non-arm64 (LOG, RESTRICT, HARDEN, TERMINATE).
Correlated Emulator Score – combine ABI + emulator signals into a single risk score.
Behavioral Anomaly Mode – enable timing/sensor/runtime anomaly checks on non-arm64.
Hardened Mode – restrict sensitive flows (payments, tokens, auth fallbacks) on non-arm64.
Telemetry Tags – expose ABI, emulator score, and triggered policies for SIEM.
Describe alternatives you've considered
Manual Build.SUPPORTED_ABIS checks in-app, which are fragmented and not integrated with RASP.
Additional context
Almost all automated fraud and malware analysis runs on x86 emulators. Making non-arm64 “high risk by default” significantly raises attacker cost for banking and fintech apps.