We're Hiring!

Approov Blog

Rethinking Mobile App Security in Apple's Ecosystem

May 21, 2024

Apple has long maintained that the robust security measures built into its devices negate the need for additional protections. This confidence was highlighted by Kyle Andeer at a European Union workshop, where he asserted that third-party or even first-party security services were unnecessary thanks to Apple's integrated security. But is this assurance misleading, potentially leaving critical data at risk? Read Full Story

Dynamic Certificate Pinning for Secure Mobile Communication

May 14, 2024

This is the final article in a guest blog series from Intellyx. Find the full series here. A “man in the middle” (MitM) attack is one of the most serious types of attacks on the Internet. An MitM attack has the capability to divert or copy an entire flow of messages and steal login credentials, bank account numbers, credit card numbers, social security numbers, and generate denial of service attacks. Read Full Story

How Does Your App Rate Against the 2024 OWASP Mobile Top Ten Risks?

May 7, 2024

In case you didn't notice, the OWASP Mobile Top 10 List was just updated, for the first time since 2016! This is important for developers since this list represents the list of the most crucial mobile application security risks in 2024. This blog explains how this fits in with other OWASP security guidelines, summarizes each of the 10 risks and discusses some possible next steps for developers. Read Full Story

Approov and Fintech Scotland Partner to Boost AI Security in Fintech

April 12, 2024

In a groundbreaking move for the fintech industry, Approov Limited, a leading provider of advanced mobile app and API security solutions, is thrilled to announce its new membership with Fintech Scotland, the strategic cluster organization fostering innovation, collaboration, and economic growth in the Scottish financial technology sector. Read Full Story

5 Threats to Mobile Games and 5 Essential Security Measures

March 19, 2024

Gaming Means Mobile Gaming With the rise in popularity, mobile games have become a massive target for hackers, and cybersecurity should be a priority for both developers and players. However recent research shows that mobile games are still not well protected. This could be due to developers struggling to prioritize the long list of overlapping threats which must be mitigated, or concern around the possible negative impact of security solutions on customer experience. Read Full Story

Embracing an API First, Security Driven Strategy

March 19, 2024

Adopting an API-first approach in mobile app development emphasizes the design and development of APIs as foundational elements before focusing on the application's user interface or other components. This method treats APIs as primary building blocks, ensuring they cater to various clients (e.g., web, mobile, third-party applications) efficiently and effectively. Read Full Story

Overview of Singapore Safe App Standard for Mobile App Security

March 19, 2024

On January 10th 2024 the Cyber Security Agency of Singapore (CSA) published V1.0 of the Singapore Safe App Standard. This is intended to help app developers and providers enhance mobile app security. The standard provides a common security benchmark and guidance to app developers and providers on the necessary security controls and best practices to better protect any mobile applications, and in so doing, enhance the protection of user data and app transactions. It is intended to cover apps developed or deployed in Singapore. Read Full Story

Why Hackers Love Phones - Keep your Eye on the Device

March 12, 2024

This is the third article in a guest blog series from Intellyx. Catch up on the first article here. Maintaining a corporate cybersecurity posture means locking down its threat surface – all points of potential compromise that ‘black hat’ hackers might use to penetrate the corporate network. Of all these points of compromise, among hackers’ favorites are smartphones and other handheld devices. Every device is an open door for hackers, as they are replete with vulnerable apps that connect to back-end services and networks. Read Full Story

EU Fines Apple $2B: A Milestone for App Security and Developer Liberty

March 5, 2024

In a landmark decision, the European Union has fined Apple nearly $2 billion, citing unfair rules set by the tech giant for developers of music-streaming apps. This fine underscores a critical conversation about the balance between platform control and the autonomy of app developers, especially in choosing security solutions and payment methods. Read Full Story

The Impact of EU's Digital Markets Act on 3rd Party App Security

February 26, 2024

With the implementation of the Digital Markets Act (DMA) in the EU, Apple is opening the possibility of installing apps from alternative apps stores. As discussed in Update on apps distributed in the European Union the intention is that all apps that can be installed must go through a notarization process, which signs the app package with a certificate from Apple. This will be a lighter (and fully automated) review process than will be applied to apps for the official Apple Store. Read Full Story