Approov React Native Quickstart

Thu 30 April 2020 By Richard Taylor

Category: Integration, ReactNative, Mobile App Authentication, Mobile App Development, API Security

Photo by Ferenc Almasi on Unsplash

React Native is a very popular framework for building cross platform apps. Apps are developed in Javascript, but with full support for inclusion of native iOS or Android libraries where that is necessary. You shouldn’t need to compromise on security though just because you are using a higher level framework rather than developing native apps. Our React Native Quickstart allows you to easily get up and running with Approov, whether you are building a new app or adapting an existing one to have an improved security posture.

Read More

Approov Backend Quickstarts

Wed 29 April 2020 By Richard Taylor

Category: Integration, Mobile App Authentication, API, MitM Attack, Certificate Pinning, API Security

Photo by Ankush Rathi from Pexels

Approov lets your mobile app prove to a backend API that it really is the official mobile app making the call, and that it is not running in an environment that may be compromised. Only requests from the apps that you specifically allow can make successful requests.

Read More

Approov Android Native Integration QuickStarts

Tue 28 April 2020 By Richard Taylor

Category: Integration, Android, Mobile App Authentication, Mobile App Development, Certificate Pinning, API Security

Photo by Pathum Danthanarayana on Unsplash

Our aim is to make the process of integrating Approov into your mobile app as simple as possible. Our Quickstart guides show you how to Approov into your app, tailored to whatever framework or programming style you’ve already adopted. In this blog we are going to cover the comprehensive options we have for Android Native app development.

Read More

Cloner Apps: Playing in a Shared Sandbox

Mon 27 April 2020 By Richard Taylor

Category: Android, Mobile App Authentication, Repackaged Apps, Threats, Fintech

Image by Andrew Martin from Pixabay

The Android app store contains numerous Cloner Apps. These are an increasingly popular category that allow you to have multiple accounts associated with an app, such as a social media or messaging app. Our analysis shows that such apps introduce some really concerning potential security isolation risks that you should be aware of so that you can decide if you want to enable features to block the use of such cloner apps with your own app.

Read More

Protecting Personal Information & Sensitive Data In Mobile Health Apps

Mon 20 April 2020 By David Stewart

Category: Account Hijacking, Mobile App Authentication, Scrapers, Bots, API Security, Healthcare

Recent years have seen a move towards cloud platforms and mobile health apps for citizens -- applications and data processing systems that enable ordinary people to interact with their health providers, make appointments with medical professionals, order prescriptions, and gain on-demand access to their medical records. The ongoing COVID-19 pandemic is putting greater emphasis on this trend, as citizens clamour for the latest news, advice, and best practices, while government and health organisations look to digital technologies to help them develop treatment protocols, track the progress of the virus spread, and monitor the condition of all those affected.

Read More

Contact Tracing Apps: Privacy vs. Security?

Thu 16 April 2020 By Richard Taylor

Category: Mobile App Authentication, Threats, API, API Abuse, API Security, Healthcare

Photo by Fusion Medical Animation on Unsplash

Last Friday, there was an unusual joint announcement from Apple and Google providing details of a new phone API for Covid-19 contact tracing via Bluetooth. The protocol allows mobile phones to continually transmit Bluetooth advertisements to one another. This includes a proximity identifier derived from randomly generated keys that can be held secretly on each device. If a phone user is later diagnosed with Covid-19, they are able to upload the daily tracing keys for those days when they might have been infectious. 

Read More

COVID-19 App User Anonymity Mandates App Authentication

Sat 04 April 2020 By Richard Taylor

Category: Business, Threats, API, API Abuse, API Security

With smartphone usage now a global phenomenon, mobile apps and connectivity are common denominators binding people the world over. And as the world’s nations grapple with the common dilemma of how to manage the ongoing pandemic of coronavirus or COVID-19, it’s little wonder that governments and health authorities across the planet are turning to mobile app technology as a weapon in their crisis management arsenal.

Read More

Let's Fight COVID-19 With Apps - Privately

Fri 03 April 2020 By Richard Taylor

Category: News, Threats, API, Mobile App Development, API Security

Photo by CDC on Unsplash

In recent weeks we have been following the race to build contact tracing smartphone apps in the worldwide fight against COVID-19. Such apps are a powerful weapon in controlling the growth of infection by automating the scaling of the contact tracing process. By tracking interactions between people, the apps allow instant user notification if they have recently been in close proximity with anyone later diagnosed with COVID-19. This allows immediate social distancing or self isolation measures to be instituted for that potential infected user, slowing the spread of the virus. It would have been better if these apps were widely available during the initial phase of the pandemic, but they may still have a crucial role to play as we eventually emerge from full lockdown We have some specific suggestions about how this can be achieved while maintaining citizen anonymity.

Read More

Securing the Enterprise for Remote Work

Thu 02 April 2020 By David Stewart

Category: Business, Mobile App Authentication, Threats, MitM Attack, API Security

At a time when the world could use some good news, any good news, the central health crisis continues to get compounded by a persistent wave of cyberattacks targeted at companies and their employees. Not even healthcare institutions and agencies at the center of responding to the emergency have been spared, with the World Health Organization, the U.S. Department of Health and Human Services and even a UK-based coronavirus testing facility being targeted by cyber profiteers.

Read More

Top 5 Threats to APIs Servicing Mobile Apps

Sun 29 March 2020 By David Stewart

Category: Fake Accounts, Scrapers, Bots, Repackaged Apps, MitM Attack, API Abuse, API Security

 

As mobile apps become increasingly paramount to operating successfully in today’s markets, a big question mark over API security is raised. Gartner has previously predicted that by 2022, “API abuses will be the most-frequent attack vector resulting in data breaches for enterprise web applications.” Since every mobile app out there is powered by APIs, securing them is clearly a top priority.

Read More

Page 2 of 11