David Stewart

Closing Both Web and Mobile Doors To Automated Traffic

March 16, 2021

In this article we will look at the challenges of making sure that bots and other automated traffic can’t gain access to your backend systems, no matter how they try. Most enterprises offer services through their website and their mobile app and both attack surfaces must be considered. Ensuring that both channels are properly defended will prevent DDoS, credential stuffing, data scraping and other fraudulent exploits from occurring. Read Full Story

Building Your Gold Standard For Account Access

February 16, 2021

In this article we are going to look at the key use cases you should consider around protecting access to your users’ accounts and what you should think about when building your gold standard security to protect them. Read Full Story

Balancing Mobile App and API Protection

January 18, 2021

A common discussion that comes up with customers is how they should consider the security requirements of their mobile apps and of the APIs that service them. A recent incident involving Nissan provides a reminder of how easily best laid protections can unravel. Read Full Story

Man-in-the-Middle: Myths and Legends

January 6, 2021

Man-in-the-Middle (MitM), or more correctly Person-in-the-Middle, is the technique of inserting yourself into API traffic to observe or manipulate requests and transactions as they pass by. In this article we’ll look at how it’s done and what you should do to prevent it, exploding a few misapprehensions on the way. Read Full Story

App and API Level Security for Connected Car Platforms

December 9, 2020

In 2009, the app economy officially kicked off with the Apple trademarked refrain “There’s an app for that.” A decade later, the mobile app is the center of gravity of the digital economy, transforming how we shop, bank, read, commute, socialize, work, travel, manage our health, and much more. Today, it seems, if there’s no app for that, then it’s probably not a fully digital experience. Read Full Story

Securing API Keys for Robust Mobile API Security

December 4, 2020

It’s been nearly half a decade since Gartner declared the API economy open, hailing it the enabler that could transform businesses into platforms. Since then, APIs have significantly evolved beyond their rather simple origins as middleware integration tools. Read Full Story

Approov Partnership with BMW Group Provides Secure and Seamless Car Share Experience

November 10, 2020

Car theft risks and business-critical security issues are resolved with Approov API authentication software for mobile apps EDINBURGH — Nov. 10, 2020 — Approov, the award-winning, anti-fraud, anti-bot software solution delivering secure mobile business for the automotive and mobility industry, today announced a partnership with BMW Group to provide a secure, safe and seamless car-sharing experience. The BMW Group Car Sharing Platform, including the Approov SDK, has already been deployed in several thousand vehicles globally. Read Full Story

Root and Jailbreak - To Ban or Not to Ban?

November 4, 2020

Rooting Android phones and jailbreaking Apple phones are generally considered to be bad things to do and strong indicators of evil intent. In this article we will explore this position a little deeper and dig into the topic. We’ll discover that the truth is much more nuanced than that and one size does indeed not fit all. Finally we will propose the methodology you should consider when setting your security policies. Read Full Story

EETimes Talks Approov and Automotive

September 1, 2020

Approov is making rapid progress in the automotive sector, particularly in mobility businesses. The specific challenges in this market were the subject of an interview we did with EETimes. Read Full Story