This presentationwas delivered byDavidatAPIDaysin Paris last month and it covers the topic of protecting mobile APIs and apps in a banking context.
Drawing an analogy with vampires, who look like regular human beings unless you examine them very closely, the presentation makes the very important point that it is not sufficient to only check user credentials before allowing API access to your backend assets. It is equally important to authenticate that the traffic is coming from the mobile app you think it is coming from, and that the app has not been compromised in any way.
In the new world of open banking based around APIs, API security must be enhanced and software authentication is an essential layer in the required protection armory. Approov does it with minimum effort and maximum deployment flexibility.