What Can You Achieve In Your 30 Day Free Approov Trial?

Mon 03 August 2020 By Jae Hossell

Category: Integration, Mobile App Authentication, Scrapers, Bots, Threats, API, API Abuse, API Security

Approov is first and foremost an API protection solution for bot mitigation, securing mobile businesses against automated traffic and other attempts to gain unauthorized access to backend services, data and assets. However, while delivering this service Approov also gives valuable insight into the types and state of devices that are communicating with the protected services via the API. For example, do you know the proportion of connections coming from unauthorized software: bots, scripts, or repackaged apps? Do you know if your communications are being intercepted, if the mobile device is rooted/jailbroken, if your app is running in an emulator, if there is a debugger or framework attached, or even if your app is running in a cloned environment? Read on to find out you can get at these nuggets before the end of your free Approov trial.

Read More

Protecting Your SDK With Approov

Thu 11 June 2020 By David Stewart

Category: Mobile App Authentication, Scrapers, Bots, Threats, Fintech, API Abuse, API Security, Mobility

Photo by Ann H from Pexels

When we talk about Approov API Threat Protection, we usually talk about it in the context of ensuring that only genuine instances of your own mobile app can use your API to access your backend servers. However, there is another use case which occurs commonly in our customer base - ensuring that only your SDK can use your API where you distribute your SDK to your customers. Here also, Approov is highly effective.

Read More

Vulnerabilities In Fintech Mobile Apps

Fri 22 May 2020 By David Stewart

Category: Business, Bots, Threats, Fintech

 

Mobile applications play an increasingly important role in our lives -- and the current global lockdown due to the COVID-19 situation has led to a surge in the download of financial technology or fintech apps. According to research by the deVere Group, the coronavirus pandemic has fuelled a massive 72% rise in the use of fintech apps in Europe. But while this spike in adoption and usage provides encouraging news for the fintech industry, these mobile apps present a real threat, with hackers looking for new ways to bypass software defences, or to exploit security vulnerabilities.

Read More

Mobile Auction Apps: Scalping And Sniping

Wed 06 May 2020 By David Stewart

Category: CheatingAsAService, Scrapers, Bots, Threats, API Abuse, API Security

The eBay concept first came to light as a browser based auction platform, giving sellers a chance to offer their goods to potential buyers from across the globe, before making the transition to become one of the world’s most popular mobile auction apps. Others have since emerged, with mobile auction apps giving event organisers the tools to simplify setup and management, and buyers the simplicity and speed of making bids and performing transactions with the swipe of a finger. Of course, every financial opportunity throws itself open to dishonest practices -- and mobile auction apps are no exception. Scalping and sniping are two of the major issues faced by mobile auction operators.

Read More

Protecting Personal Information & Sensitive Data In Mobile Health Apps

Mon 20 April 2020 By David Stewart

Category: Account Hijacking, Mobile App Authentication, Scrapers, Bots, API Security, Healthcare

Recent years have seen a move towards cloud platforms and mobile health apps for citizens -- applications and data processing systems that enable ordinary people to interact with their health providers, make appointments with medical professionals, order prescriptions, and gain on-demand access to their medical records. The ongoing COVID-19 pandemic is putting greater emphasis on this trend, as citizens clamour for the latest news, advice, and best practices, while government and health organisations look to digital technologies to help them develop treatment protocols, track the progress of the virus spread, and monitor the condition of all those affected.

Read More

Top 5 Threats to APIs Servicing Mobile Apps

Sun 29 March 2020 By David Stewart

Category: Fake Accounts, Scrapers, Bots, Repackaged Apps, MitM Attack, API Abuse, API Security

 

As mobile apps become increasingly paramount to operating successfully in today’s markets, a big question mark over API security is raised. Gartner has previously predicted that by 2022, “API abuses will be the most-frequent attack vector resulting in data breaches for enterprise web applications.” Since every mobile app out there is powered by APIs, securing them is clearly a top priority.

Read More

Blockchain renders online votes immutable, including fake votes!

Thu 19 March 2020 By David Stewart

Category: Fake Accounts, Bots, Repackaged Apps, API, MitM Attack, API Abuse, API Security

“It's the wave of the future,” declared the US State of West Virginia's Secretary of State of following a limited deployment of a blockchain-based voting app for the state's general midterm elections. For cybersecurity and election integrity advocates, however, the move was “an example of all the things states shouldn’t do when it comes to securing their elections.”

Read More

THE TOP 6 MOBILE API PROTECTION TECHNIQUES - ARE THEY ENOUGH?

Sat 22 December 2018 By Paulo Renato

Category: API Keys, Mobile App Authentication, Scrapers, Bots, Threats

APIs are a necessary and central part of the strategy of any digital business that wants to stay competitive and monetize its assets. Additionally, end users’ form factor of choice when using digital services is now firmly mobile. The trend towards APIs and mobile devices has moved the attack surface in a significant way and digital businesses must adapt and evolve their security policies accordingly.

Read More

APPROOV IN PARALLEL WITH USER AUTHENTICATION

Mon 22 January 2018 By Jae Hossell

Category: Business, Mobile App Authentication, Bots

In my last post in this series, I introduced Approov, the app authentication solution, and described how it tackles the problem of API protection in a novel and proactive way. In this post, I want to focus on the reasons API publishers need app authentication as part of their mobile security defense, and specifically why it should work alongside user authentication. In our discussions with new customers we often find that we need to explain the difference between the two as well as the contributions that each one provides.

Read More

IF YOU CAN'T MAKE IT, FAKE IT

Wed 22 November 2017 By Shona Hossell

Category: Business, Mobile App Authentication, Bots, Threats

As many social media platforms continue to experience incredible growth in popularity, the supporting apps, and the APIs that service them, remain top targets for bad actors. The ability to communicate quickly and indirectly with the platforms’ vast user bases make them ideal for spreading malware, phishing attacks, or fake news. Networks of automated accounts, gaining artificial levels of popularity and influence are often used to instigate attacks and the recent admission by Facebook that Kremlin linked propaganda may have been seen by as many as 126 million users gives us some idea of the scale of the threat and the ambition of the attackers.

Read More

Page 1 of 2