THE PROBLEM OF API ABUSE

Tue 18 October 2016 By Richard Taylor

Category: Mobile App Authentication, Bots

The number of devices connected to the internet has exploded in recent years as everyone becomes permanently attached to their phone or tablet. As the number of mobile users has increased, there has been movement away from websites towards mobile apps. Large companies can gain more information about users when they use their app, and can also provide a more fully featured experience by offering offline functionality or by making use of the phone’s camera, accelerometer or GPS. Users tend to prefer them as well because they offer a richer experience. 

Read More

SIMPLE APP AUTHENTICATION

Mon 26 September 2016 By Johannes Schneiders

Category: API Keys, Mobile App Authentication, Scrapers, Bots, Reverse Engineering

Suppose your mobile app relies on a back-end server that holds sensitive data or just data that you do not want to be manipulated or copied freely. You trust your own app to do everything right, but what about bots exploiting your API or if someone steals and subverts your app?

Read More

BOT MITIGATION CHALLENGES IN THE MOBILE WORLD

Tue 09 August 2016 By Richard Taylor

Category: Scrapers, Bots

Bots are everywhere, crawling all over the internet. Some are good, cataloguing websites and enabling you to search for pictures of cats with ease. Others are all about information gathering, theft and fraud, are known as API abuse, and are bad news. More and more time is being spent accessing the Internet from mobile devices, and apps are becoming increasingly important as the software performing this access. Apps are a new and challenging arena for existing bot mitigation techniques and attackers are starting to shift their focus from the mobile web channel to mobile apps to try and circumvent current protection mechanisms.

Read More

Page 2 of 2