We're Hiring!

Approov Blog

Embracing an API First, Security Driven Strategy

March 19, 2024

Adopting an API-first approach in mobile app development emphasizes the design and development of APIs as foundational elements before focusing on the application's user interface or other components. This method treats APIs as primary building blocks, ensuring they cater to various clients (e.g., web, mobile, third-party applications) efficiently and effectively. Read Full Story

Overview of Singapore Safe App Standard for Mobile App Security

March 19, 2024

On January 10th 2024 the Cyber Security Agency of Singapore (CSA) published V1.0 of the Singapore Safe App Standard. This is intended to help app developers and providers enhance mobile app security. The standard provides a common security benchmark and guidance to app developers and providers on the necessary security controls and best practices to better protect any mobile applications, and in so doing, enhance the protection of user data and app transactions. It is intended to cover apps developed or deployed in Singapore. Read Full Story

Why Hackers Love Phones - Keep your Eye on the Device

March 12, 2024

This is the third article in a guest blog series from Intellyx. Catch up on the first article here and the second one here. Maintaining a corporate cybersecurity posture means locking down its threat surface – all points of potential compromise that ‘black hat’ hackers might use to penetrate the corporate network. Of all these points of compromise, among hackers’ favorites are smartphones and other handheld devices. Every device is an open door for hackers, as they are replete with vulnerable apps that connect to back-end services and networks. Read Full Story

EU Fines Apple $2B: A Milestone for App Security and Developer Liberty

March 5, 2024

In a landmark decision, the European Union has fined Apple nearly $2 billion, citing unfair rules set by the tech giant for developers of music-streaming apps. This fine underscores a critical conversation about the balance between platform control and the autonomy of app developers, especially in choosing security solutions and payment methods. Read Full Story

The Impact of EU's Digital Markets Act on 3rd Party App Security

February 26, 2024

With the implementation of the Digital Markets Act (DMA) in the EU, Apple is opening the possibility of installing apps from alternative apps stores. As discussed in Update on apps distributed in the European Union the intention is that all apps that can be installed must go through a notarization process, which signs the app package with a certificate from Apple. This will be a lighter (and fully automated) review process than will be applied to apps for the official Apple Store. Read Full Story

Enhancing Android App Security: Approov's Role with Non-GMS Apps

February 13, 2024

In today's digital age, mobile applications and APIs play a pivotal role in our daily lives. With the Android ecosystem being the dominant platform, the security of Android apps is a critical concern. Based on privacy concerns and a desire for openness more Android apps than ever are being developed without relying on Google Mobile Services (GMS), commonly known as non-GMS apps. Read Full Story

Cybersecurity Implications of the Digital Markets Act & Apple iOS 17.4

February 6, 2024

The iOS mobile app environment is undergoing significant transformations, partly due to the European Union's introduction of the Digital Markets Act (DMA), which is effective starting in March 2024. This new EU law has prompted changes and updates in operating systems and app stores, which are now influencing the iOS development landscape. Specifically, the release of iOS 17.4 introduces substantial modifications to the App Store, Read Full Story

Revealing the Limitations of Apple DeviceCheck and Apple App Attest

January 29, 2024

This overview outlines the history and use of Apple DeviceCheck including the DeviceCheck App Attest feature. It will highlight how this security solution is used and highlight some limitations. We also compare and contrast Apple DeviceCheck and App Attest with the comprehensive mobile security offered by Approov. Read Full Story

Empowering Mobile Payments: Approov's Security and PCI MPoC Mastery

January 18, 2024

In the ever-evolving landscape of mobile applications, especially those dealing with sensitive financial transactions, security is paramount. Approov, an advanced App and API security solution, takes a multifaceted approach to ensure the integrity of protected APIs, with a focus on the recently introduced Payment Card Industry (PCI) Mobile Payments on COTS (Commercial-off-the-Shelf) devices (MPoC) standard. Read Full Story

“Mobile First” is for Mobile Secrets, Too

January 16, 2024

This is the second article in a guest blog series from Intellyx. You can read the first article here. Organizations, such as the Citi Consumer Bank when I was head of security architecture there, adopt a “mobile first” approach to application development. “Mobile first” means first developing a mobile application that delivers a great customer experience, and later focusing on developing other customer facing applications (such as a web app). Read Full Story