In 2015, “white hat” hackers remotely attacked a Jeep Cherokee and left it paralyzed on the side of a highway. They returned in 2016 with an in-vehicle hack to prove that things could get much worse. In 2017, researchers from an IT security company analyzed some of the most popular mobile apps from car manufacturers to find that every app was vulnerable to attacks in some shape or form. In 2018, the number of Black Hat attacks overtook White Hat incidents for the first time in the history of Smart Mobility.
This is the second article in our 3 part review of trends in the Mobility market. If you missed the first part, you can find it here.
Electric vehicles (EVs), with a mere 1.7% market share in 2019, are still at least a few years away from going mass market. This segment is expected to hit mass market adoption by 2025 and then build up to a share of about half of all new car sales by 2040.
This is the first article in a 3 part review of trends in the Mobility market. The complete series can be found here.
The Mobility market has become a key sector for Approov deployment over the last few years. Therefore we thought it would be interesting to take a look at this market in detail, to understand its underlying forces and trends. This is the first of a series of 3 blog articles on the topic.
Last year, the global car market posted its sharpest decline in sales – by 3 million according to one study, 4 million according to another – since the financial crisis of the last decade. The worse news is that neither study predicts a quick return to normal growth any time soon. In fact, 2022 is the earliest estimate for a global recovery.
As APIs become a critical part of almost every business, the need to build a robust API security strategy grows infinitely. API calls account for 83% of web traffic, according to the Akamai 2019 [state of the internet] / security: Retail Attacks and API Traffic report. The largest API directory now lists nearly 22,000 public APIs, up from 12,000 in 2015. A majority of companies now consider APIs to be critical to business strategy and imperative for developing partner ecosystems, enhancing customer value and creating new revenue opportunities. Cloud Elements, in its third annual State of API Integration report, recently found that businesses planned to deploy an average of 18 new APIs in 2019, compared to just 11.5 in 2018.
Two particularly challenging forms of API abuse are Aggregation and Cheating as a Service. In both these cases your own users are enabling and sometimes funding the individuals and organizations abusing your APIs.
Our first batch of business level attacks are Data Scrapers and Account Hijack. We also take a look at the lucrative business of Fake Account Factories.
2017 has seen our customers tackling a wide range of abuse and misuse of their Mobile APIs. We are seeing multiple approaches where the business process transparency provided by APIs has resulted in exploitation. Time for a retrospective...
Once you've started using Approov, we find it unlikely that you will want to cancel. However, it is a legitimate concern for potential users and, as we have a quick and simple cancellation process, I am happy to address it here. First up, consider the following scenario at the point of cancellation:
Happy to announce that we are partnering with the great people at Positive Technologies to provide comprehensive protection across both Mobile and Web Channels. See the full press release for details on the API security partners.