We're Hiring!

Approov Blog
API Security - Analysis, News and Insights

Why Hackers Love Phones - Keep your Eye on the Device

March 12, 2024

This is the third article in a guest blog series from Intellyx. Catch up on the first article here and the second one here. Maintaining a corporate cybersecurity posture means locking down its threat surface – all points of potential compromise that ‘black hat’ hackers might use to penetrate the corporate network. Of all these points of compromise, among hackers’ favorites are smartphones and other handheld devices. Every device is an open door for hackers, as they are replete with vulnerable apps that connect to back-end services and networks. Read Full Story

Revealing the Limitations of Apple DeviceCheck and Apple App Attest

January 29, 2024

This overview outlines the history and use of Apple DeviceCheck including the DeviceCheck App Attest feature. It will highlight how this security solution is used and highlight some limitations. We also compare and contrast Apple DeviceCheck and App Attest with the comprehensive mobile security offered by Approov. Read Full Story

Empowering Mobile Payments: Approov's Security and PCI MPoC Mastery

January 18, 2024

In the ever-evolving landscape of mobile applications, especially those dealing with sensitive financial transactions, security is paramount. Approov, an advanced App and API security solution, takes a multifaceted approach to ensure the integrity of protected APIs, with a focus on the recently introduced Payment Card Industry (PCI) Mobile Payments on COTS (Commercial-off-the-Shelf) devices (MPoC) standard. Read Full Story

“Mobile First” is for Mobile Secrets, Too

January 16, 2024

This is the second article in a guest blog series from Intellyx. You can read the first article here. Organizations, such as the Citi Consumer Bank when I was head of security architecture there, adopt a “mobile first” approach to application development. “Mobile first” means first developing a mobile application that delivers a great customer experience, and later focusing on developing other customer facing applications (such as a web app). Read Full Story

2024: Reflecting on a Dynamic, Tumultuous Cyber Year

January 16, 2024

As we step into 2024, it's crucial to reflect on the cyber landscape of the past year, marked by significant breaches that underscore the persistent challenges in securing our digital lives. Here are some notable incidents that grabbed headlines: Read Full Story

The Limitations of Google Play Integrity API (ex SafetyNet)

December 20, 2023

This overview outlines the history and use of Google Play Integrity API and highlights some limitations. We also compare and contrast Google Play Integrity API with the comprehensive mobile security offered by Approov. The imminent deprecation of Google SafetyNet Attestation API means this is a good time for a comprehensive evaluation of solutions in this space. Read Full Story

Approov Addresses Apple Watch Security Issues

December 18, 2023

Apple and MIT recently published a study indicating that 2.6 billion personal records were exposed through data breaches over the last two years. These findings underscore the need for protecting data in the cloud through mobile attestations and improved API security. Watches, wearables and other new types of mobile devices are now the weakest link in the mobile app threat landscape. Approov addresses this threat head on with Release 3.2 of the solution. While Release 3.2 includes other important enhancements (detailed in the Press Release), this blog specifically explores the crucial advancements made to enhance the security of the Apple Watch. Read Full Story

Top Security Trends and Predictions for 2024

December 7, 2023

Approov stands at the forefront of mobile cybersecurity: Our expansive customer base, ongoing research initiatives and the insights we collect from our live threat metrics, give us unique visibility into trends in mobile security. Based on this data, we wanted to share our predictions for 2024. We don't claim to be able to predict the future but we do think we can see some trends that will help you prepare your own plan for navigating the challenges and opportunities that lie ahead in 2024. First, let's talk about some general trends we see and then dive into our mobile predictions. Read Full Story

Understanding the Security of Mobile Apps in Africa

November 29, 2023

CyLab-Africa researchers partner with mobile security provider for summer collaboration experience Researchers from CyLab-Africa and the Upanzi Network recently partnered with the mobile security provider Approov to explore the security of common financial services apps used across Africa. After surveying 224 popular financial applications, the researchers found that 95 percent of these Android apps exposed secrets that can be used to reveal personal and financial data. Across these applications, approximately 272 million users have the potential to be victims of the security flaws. Read Full Story

Why Isn’t Mobile at the Center of Your Cybersecurity Strategy?

November 21, 2023

This is the first article in a guest blog series by Jason Bloomberg, Managing Partner, Intellyx Focusing on user authentication, including multi-factor authentication, is not enough to put mobile at the center of your cybersecurity strategy. It is essential to ensure the integrity of devices, applications, and communication channels, along with securing API access. Read Full Story