Apple DeviceCheck and CriticalBlue Approov

Sat 27 April 2019 By David Stewart

Category: API Keys, Android, Mobile App Authentication, Repackaged Apps, Reverse Engineering, Threats, SafetyNet, DeviceCheck

Image credit

We are often asked by customers and prospects to compare our beloved Approov with Apple's DeviceCheck offering. Since DeviceCheck is intended to uniquely identify iOS phone instances then this is a reasonable question. However, DeviceCheck and Approov are designed to do quite different things and therefore we wrote a handy guide to help our customers appreciate when to employ each solution and why. You can download the guide from here.

Read More

Google SafetyNet and CriticalBlue Approov

Sat 27 April 2019 By David Stewart

Category: API Keys, Android, Mobile App Authentication, Repackaged Apps, Reverse Engineering, Threats, SafetyNet, DeviceCheck

Image credit

We are often asked by customers and prospects to compare our beloved Approov with Google's SafetyNet offering. Since SafetyNet is intended to identify genuine Android instances then this is a reasonable question. However, SafetyNet and Approov are designed to do quite different things and therefore we wrote a handy guide to help our customers appreciate when to employ each solution and why. You can download the guide from here.

Read More

A BRIEF INTRODUCTION TO APPROOV

Fri 19 January 2018 By Jae Hossell

Category: API Keys, Mobile App Authentication, Scrapers, Repackaged Apps

An article on wired summarises 25 data breaches that made headlines during 2017. The implication in the article, and the general impression of those who take an interest, is that 2018 will bring more of the same in an ever accelerating trend of discovery and disclosure. The growth in attacks indicates that companies of all sizes should continually raise the defensive bar and Approov raises that bar significantly. In this short post I will provide a high-level view of what Approov does and how it works.

Read More

PRACTICAL API SECURITY WALKTHROUGH — PART 4

Thu 18 January 2018 By Simon Rigg

Category: Integration, TLS, Mobile App Authentication, Repackaged Apps, A Series - ShipFast

Welcome back! This is the fourth and final part of a mini series which uses a fictional product, “ShipFast”, to walk you through the process of defending against various exploits in a mobile application to gain access to data on a remote server allowing real users of the system to gain an unfair business advantage at the expense of the company.

Read More

PRACTICAL API SECURITY WALKTHROUGH — PART 3

Wed 17 January 2018 By Simon Rigg

Category: Integration, TLS, Mobile App Authentication, Repackaged Apps, A Series - ShipFast

Welcome back! This is the third part of a mini series which uses a fictional product, “ShipFast”, to walk you through the process of defending against various exploits in a mobile application to gain access to data on a remote server allowing real users of the system to gain an unfair business advantage at the expense of the company.

Read More

PRACTICAL API SECURITY WALKTHROUGH — PART 2

Tue 16 January 2018 By Simon Rigg

Category: Integration, TLS, Mobile App Authentication, Repackaged Apps, A Series - ShipFast

Welcome back! This is the second part of a mini series which uses a fictional product, “ShipFast”, to walk you through the process of defending against various API security exploits in a mobile application to gain access to data on a remote server allowing real users of the system to gain an unfair business advantage at the expense of the company.

Read More

PRACTICAL API SECURITY WALKTHROUGH — PART 1

Fri 12 January 2018 By Simon Rigg

Category: Integration, TLS, Mobile App Authentication, Repackaged Apps, A Series - ShipFast

Welcome! A quick question: Do you know what’s using your API? Really?

Read More

THERE'S A FAKE APP FOR THAT

Tue 10 January 2017 By Skip Hovsmith

Category: Repackaged Apps, Threats

The well-respected Coach brand stands for authenticity, innovation, and relevance. They are a luxury brand, so you might be a bit surprised to find in mid-October that the Coach mobile app in the iTunes App Store was offering an extra 20 percent off bags, shoes and accessories. Act fast but watch out, because Coach doesn't really have an iPhone app!

Read More

Page 1 of 1