We're Hiring!

Approov Blog
iOS

EU Fines Apple $2B: A Milestone for App Security and Developer Liberty

March 5, 2024

In a landmark decision, the European Union has fined Apple nearly $2 billion, citing unfair rules set by the tech giant for developers of music-streaming apps. This fine underscores a critical conversation about the balance between platform control and the autonomy of app developers, especially in choosing security solutions and payment methods. Read Full Story

The Impact of EU's Digital Markets Act on 3rd Party App Security

February 26, 2024

With the implementation of the Digital Markets Act (DMA) in the EU, Apple is opening the possibility of installing apps from alternative apps stores. As discussed in Update on apps distributed in the European Union the intention is that all apps that can be installed must go through a notarization process, which signs the app package with a certificate from Apple. This will be a lighter (and fully automated) review process than will be applied to apps for the official Apple Store. Read Full Story

Cybersecurity Implications of the Digital Markets Act & Apple iOS 17.4

February 6, 2024

The iOS mobile app environment is undergoing significant transformations, partly due to the European Union's introduction of the Digital Markets Act (DMA), which is effective starting in March 2024. This new EU law has prompted changes and updates in operating systems and app stores, which are now influencing the iOS development landscape. Specifically, the release of iOS 17.4 introduces substantial modifications to the App Store, Read Full Story

Revealing the Limitations of Apple DeviceCheck and Apple App Attest

January 29, 2024

This overview outlines the history and use of Apple DeviceCheck including the DeviceCheck App Attest feature. It will highlight how this security solution is used and highlight some limitations. We also compare and contrast Apple DeviceCheck and App Attest with the comprehensive mobile security offered by Approov. Read Full Story

Approov Addresses Apple Watch Security Issues

December 18, 2023

Apple and MIT recently published a study indicating that 2.6 billion personal records were exposed through data breaches over the last two years. These findings underscore the need for protecting data in the cloud through mobile attestations and improved API security. Watches, wearables and other new types of mobile devices are now the weakest link in the mobile app threat landscape. Approov addresses this threat head on with Release 3.2 of the solution. While Release 3.2 includes other important enhancements (detailed in the Press Release), this blog specifically explores the crucial advancements made to enhance the security of the Apple Watch. Read Full Story

React Native Automated Quickstart

April 12, 2021

The new React Native Approov Quickstart provides automated integration of Approov API threat protection for most React Native apps. Read Full Story

Clubhouse Needs A Bouncer

February 26, 2021

Even if you only have a vague interest in app security I’m sure the recent furore around Clubhouse hasn’t escaped your attention. There is significant buzz around this invite-only iOS app. Enabling live audio chat rooms between participants, it sets the expectation that these interactions are somewhat private and certainly not recorded. With big celebrity names such as Elon Musk, Kanye West and Oprah Winfrey as users there is a significant demand for a coveted invite. Read Full Story

Man-in-the-Middle (MitM): Myths and Legends

January 6, 2021

Man-in-the-Middle (MitM), or more correctly Person-in-the-Middle, is the technique of inserting yourself into API traffic to observe or manipulate requests and transactions as they pass by. In this article we’ll look at how it’s done and what you should do to prevent it, exploding a few misapprehensions on the way. Read Full Story

Root and Jailbreak - To Ban or Not to Ban?

November 4, 2020

Rooting Android phones and jailbreaking Apple phones are generally considered to be bad things to do and strong indicators of evil intent. In this article we will explore this position a little deeper and dig into the topic. We’ll discover that the truth is much more nuanced than that and one size does indeed not fit all. Finally we will propose the methodology you should consider when setting your security policies. Read Full Story

Approov Dynamic Pinning - An Independent View

June 26, 2020

Our friends at Rakuten have written a blog about their opinions of and experiences with the Approov dynamic pinning capability. You can read it here. It’s always nice to be able to point at independent material about Approov because, although we think very highly of it, we may be somewhat biased! Read Full Story