We're Hiring!

Approov Blog

A Practical Guide to OWASP MASVS v2.0 - Its Evolution and Implementation

August 30, 2023

What is OWASP MASVS? The OWASP (Open Worldwide Application Security Project) MASVS (Mobile Application Security Verification Standard) is a valuable resource for mobile app developers seeking to improve the security posture of their iOS and Android applications. The standard is based on the collective knowledge of security experts from around the world and provides both a baseline and a benchmark for security requirements for mobile apps. Read Full Story

Reducing the Cost of Data Breaches with Approov Mobile Security

August 3, 2023

Introduction Data breaches have become a persistent threat for organizations across the globe, with cybercriminals relentlessly targeting valuable data, sensitive customer information, and proprietary business data. The data below is alarming, but the key takeaway is through prevention, monitoring, and rapid remediation, costs can be eliminated or highly mitigated. Read Full Story

Staying Ahead of Mobile App Threats with Real-Time Analytics

August 1, 2023

Mobile apps and APIs are increasingly being targeted by cybercriminals using sophisticated techniques to exploit vulnerabilities and gain access to sensitive data. To stay ahead of these threats, real-time analytics on the security state of mobile apps and devices is critical. Read Full Story

Security Threats to Mobile Crypto Apps and How to Protect Them

July 28, 2023

The last year has not been great for crypto. Most crypto currencies, including Bitcoin, experienced significant loss of value, and we saw high profile exchanges like FTX collapse. In addition, hackers were actively stealing crypto currency. The blockchain company Chainalysis calculated that $3.8bn was stolen by hackers in 2022. Read Full Story

How To Use a MitM Attack to Bypass Code Obfuscation to Extract Secrets From the ChatGPT Mobile App

June 23, 2023

In a previous article, we saw how to use code obfuscation to make it more difficult for an attacker to extract a secret through static binary analysis of the ChatGPT demo mobile app. However, it's important to note that code obfuscation is not always as effective in protecting secrets as we might hope. It can give a false sense of security, similar to the Maginot Line that the French built during World War II to deter the German invasion of France. As many know, the German military simply went around the Maginot Line and quickly invaded France, rendering it useless. This event is now often used as an analogy for situations where something provides a false sense of security rather than actual security. Read Full Story

How to Use Code Obfuscation to Hide Secrets in Your Mobile App

June 21, 2023

Mobile app security is a crucial aspect that needs to be prioritised by developers and businesses alike. With the increasing number of cyber-attacks targeting mobile apps and their APIs, it's more important than ever to take measures to protect the secrets used by mobile apps to access their APIs to protect users' sensitive data and prevent unauthorised access to it and subsequent data breach. Read Full Story

What Can You Test with an Approov 30-Day Free Trial?

June 15, 2023

Everything. If you are reading this, then it's probably because you are actively considering a free 30 day Approov trial. Why are you interested in Approov? Well possibly because you have uncovered a security issue with a mobile app and that app is critical to your business. In any case, the pressure is on. Read Full Story

What is “Bank-Grade Security” and is it Enough?

June 7, 2023

"Bank-grade security" is a term often used to describe a high level of security measures implemented in mobile applications to protect sensitive data, transactions, and user privacy. It implies that the app's security measures are at par with or comparable to the security standards employed by financial institutions, such as banks, which are known for their rigorous security practices. In this post, we will examine what is meant by this term and whether or not you should be comforted by it. Read Full Story

Can You Protect E-Scooters from Vandalism and Fraud?

May 30, 2023

E-scooters are becoming an increasingly popular mode of transportation in cities around the world, offering a convenient and eco-friendly alternative to traditional forms of transport. However, as their popularity grows, so does the risk of vandalism and fraud, which can lead to significant financial losses for companies that operate e-scooter sharing programs. Read Full Story

Comparing Mobile App & API Security from Approov to Zimperium (A-Z)

May 15, 2023

In today's digital landscape, securing mobile apps and APIs is of paramount importance. Among the various security solutions available, Approov stands out as truly unique. What sets Approov apart is its combination of Mobile App Security and Mobile API Security, within a single product. With this innovative approach, Approov enables the lockdown of the Mobile API solely to clean mobile devices running authentic instances of the mobile app that have passed the Approov remote mobile app attestation process. This continuous verification process ensures the device and mobile app integrity, without any impact on user experience. Read Full Story