We're Hiring!

Approov Blog

Japan’s New Smartphone Act - Why It Matters For Mobile Security

July 8, 2024

The Japanese Regulation in Context On June 12 2024 the Japanese Government passed into law the Act on Promotion of Competition for Specified Smartphone Software (SSCPA) or simply the Smartphone Act. Read Full Story

Limitations of Huawei HarmonyOS Safety Detect: What You Need to Know

July 1, 2024

This overview outlines the development and adoption of Huawei HarmonyOS and the associated security solution Safety Detect, highlighting some limitations with the approach. As regulations such as the EU DMA force the use of alternative app stores, the dependence of Huawei security features on the use of the Huawei AppGallery app store and ecosystem will also prove to be problematic for developers. We also compare and contrast Huawei HarmonyOS Safety Detect with the comprehensive mobile security offered by Approov. Read Full Story

Stopping Mobile App Bots Doesn't Need to Be This Complicated

June 24, 2024

Let’s talk about bots. And be a little provocative. A review of bot solutions (see previous blog) reveals a common assumption that I think is misleading: Namely that separating good from bad bots and blocking the bad ones is complicated and requires elaborate solutions using machine learning, AI and whatnot. This common understanding is wrong. If your organization is using mobile apps you can easily and effectively block ANY unwanted automated traffic which is not coming from a legitimate and unmodified app and do this consistently and without generating false positives. Intrigued? Then read on. Read Full Story

Enhancing Mobile Payment Security: A Comprehensive Approach with Approov

June 16, 2024

Mobile payment systems are increasingly popular, offering convenience and speed for consumers and businesses alike. However, the security of these systems remains a significant concern, especially with the rising number of cyber threats targeting financial transactions. This blog post will explore the essential aspects of mobile payment security and how Approov can provide a robust solution to protect mobile applications and their backend APIs. Read Full Story

Addressing Security Threats in Connected Car Mobile Apps with Approov

June 8, 2024

In today's increasingly connected world, the automotive industry has not been immune to the transformative power of mobile technology. Connected car mobile apps offer a plethora of functionalities, from remote start to navigation and diagnostics. However, with these advancements come significant security threats. In this article, we will delve into the key security threats faced by connected car mobile apps and how Approov's innovative mobile security solutions mitigate these risks. Read Full Story

Approov Announces Support for the Unity Engine- Strengthening Mobile Game Security

May 30, 2024

As the mobile gaming industry continues to grow, so does the importance of robust security measures. Game developers face increasing pressure to protect their apps and user data from sophisticated cyber threats. In response, Approov has launched a Quickstart for UnityWebRequest, designed to enhance the security of mobile games developed using Unity. This initiative not only simplifies the integration of advanced security features but also underscores the importance of app attestation in safeguarding mobile applications. Read Full Story

UK DMCC Legislation: A New Era for Mobile App Security?

May 24, 2024

On May 24, 2024, after passing its final parliamentary stages, the UK Digital Markets, Competition, and Consumers (DMCC) Bill is pass after achieving royal assent. This landmark legislation aims to enhance competition and innovation within digital markets, impacting the mobile ecosystem dominated by tech giants Apple and Google. The DMCC Bill is designed to address and mitigate monopolistic behaviours that have stifled competition and innovation, ensuring a more equitable and dynamic digital marketplace. Similar to the European Union’s Digital Markets Act, this legislation may lead to changes in the way mobile apps are built, secured and distributed within the United Kingdom. Read Full Story

Rethinking Mobile App Security in Apple's Ecosystem

May 21, 2024

Apple has long maintained that the robust security measures built into its devices negate the need for additional protections. This confidence was highlighted by Kyle Andeer at a European Union workshop, where he asserted that third-party or even first-party security services were unnecessary thanks to Apple's integrated security. But is this assurance misleading, potentially leaving critical data at risk? Read Full Story

Dynamic Certificate Pinning for Secure Mobile Communication

May 14, 2024

This is the final article in a guest blog series from Intellyx. Find the full series here. A “man in the middle” (MitM) attack is one of the most serious types of attacks on the Internet. An MitM attack has the capability to divert or copy an entire flow of messages and steal login credentials, bank account numbers, credit card numbers, social security numbers, and generate denial of service attacks. Read Full Story

How Does Your App Rate Against the 2024 OWASP Mobile Top Ten Risks?

May 7, 2024

In case you didn't notice, the OWASP Mobile Top 10 List was just updated, for the first time since 2016! This is important for developers since this list represents the list of the most crucial mobile application security risks in 2024. This blog explains how this fits in with other OWASP security guidelines, summarizes each of the 10 risks and discusses some possible next steps for developers. Read Full Story