We're Hiring!

Approov Blog
Mobile App Authentication (2)

How to Prevent API Abuse on Mobile Apps

December 2, 2022

API abuse is a growing concern in today's digital landscape, with criminals finding new and innovative ways to exploit APIs for their own gain. According to a recent study by Salt Security, "malicious API attack traffic surged 117% over the past year, from an average of 12.22 million malicious calls per month to an average of 26.46 million calls." This article explores the topic as it relates to mobile centric businesses. Read Full Story

Can I Share My API Key?

November 28, 2022

An API key is a token provided by a client when making API calls. It is used to authenticate and authorize access to specific resources. In this article, we answer the question, "Can I share my API key?" and provide some guidance on when it is appropriate to do so. Read Full Story

Why Should You Keep Your API Key Secure?

July 12, 2022

Attacks against APIs are increasing and API key protection is central to minimizing your business risks. In this article we’ll look at what your exposures are and what you should do about it. Read Full Story

Hands-on Mobile App and API Security - Runtime Secrets Protection

July 4, 2022

In a previous article we saw how to protect API keys by using Mobile App Attestation and delegating the API requests to a Proxy. This blog post will cover the situation where you can’t delegate the API requests to the Proxy, but where you want to remove the API keys (secrets) from being hard-coded in your mobile app to mitigate against the use of static binary analysis and/or runtime instrumentation techniques to extract those secrets. Read Full Story

How To Add Security To Your Mobile App

June 21, 2022

In a previous article, we discussed “When do we add security into our app and onto our APIs?” The conclusion was to do it as soon as possible! That said, there are still choices to be made so in this article we explore how you should decide on appropriate protections for your mobile app and APIs. Read Full Story

How to Prevent API Abuse

May 27, 2022

API abuse, when the API is used in an unexpected way, is a growing problem in software development and one of the leading attack vectors cybercriminals exploit. According to a recent security research report that surveyed more than 200 enterprise security professionals, there was a 21.32% growth in malicious API call volume between December 2020 and December 2021. The same study also established that 95% of respondents had suffered an API security incident in the past year. Read Full Story

How Can I Protect My Mobile API?

May 26, 2022

As any mobile developer knows, APIs are the foundation of any mobile app strategy. They allow developers to quickly and efficiently access the data and functionality they need to build amazing apps. This article outlines a 5 step checklist to make sure your mobile platform is adopting best practice security. Read Full Story

When To Add Security To Your New Mobile App

May 23, 2022

Whether you are a brand new company bringing a mobile-centric digital service to market, or an established company introducing a new mobile offering, there will - hopefully - come a time when someone asks “When do we add security into our app and onto our APIs?” In this article we explore this question and provide some guidance on how to reach the right conclusion for your business. Read Full Story

The Risks & Rewards of Travel by Mobile

May 12, 2022

After a couple of false starts, we are finally emerging from behind the shadow of the Covid pandemic. Some businesses prospered explosively during it as people suddenly needed to access key services remotely, such as the fintech and healthcare sectors; others were forced to deal with an almost instant switch-off of commercial activity, for example the travel and tourism markets. In this article we will look at the travel sector and anticipate what kinds of security challenges might lie ahead as the market evolves and recovers. Read Full Story

How Do You Make a Mobile App Secure?

April 10, 2022

Mobile apps are an integral part of our lives, but all too often, they're not secure. Over the years, several high-profile cases of mobile app data being stolen or compromised have hit the headlines. Uber, for example, had to pay $148 million to settle claims when hackers accessed the personal information of 25 million customers and drivers. In this article we'll look at some of the main insecurities in mobile platforms and how you should approach protecting your mobile business. Read Full Story