How Should API Keys be Stored?

June 27, 2022

Mobile app developers keep hearing that they shouldn’t store API keys in their app code but they don’t hear where they should store them. In this article we discuss the topic and provide some practical solutions. Read Full Story

How To Add Security To Your Mobile App

June 21, 2022

In a previous article, we discussed “When do we add security into our app and onto our APIs?” The conclusion was to do it as soon as possible! That said, there are still choices to be made so in this article we explore how you should decide on appropriate protections for your mobile app and APIs. Read Full Story

How to Prevent API Abuse

May 27, 2022

API abuse, when the API is used in an unexpected way, is a growing problem in software development and one of the leading attack vectors cybercriminals exploit. According to a recent security research report that surveyed more than 200 enterprise security professionals, there was a 21.32% growth in malicious API call volume between December 2020 and December 2021. The same study also established that 95% of respondents had suffered an API security incident in the past year. Read Full Story

How Can I Protect My Mobile API?

May 26, 2022

As any mobile developer knows, APIs are the foundation of any mobile app strategy. They allow developers to quickly and efficiently access the data and functionality they need to build amazing apps. This article outlines a 5 step checklist to make sure your mobile platform is adopting best practice security. Read Full Story

When To Add Security To Your New Mobile App

May 23, 2022

Whether you are a brand new company bringing a mobile-centric digital service to market, or an established company introducing a new mobile offering, there will - hopefully - come a time when someone asks “When do we add security into our app and onto our APIs?” In this article we explore this question and provide some guidance on how to reach the right conclusion for your business. Read Full Story

What Are the Most Common Types of Mobile Man-in-the-Middle Attacks?

May 18, 2022

A Man-in-the-Middle attack can come in multiple forms. This article describes these and how you can mitigate such attacks. Read Full Story

What Does Certificate Pinning Protect Against?

May 17, 2022

Certificate pinning is a security measure that mobile app developers can use to improve the security of their apps. It ensures that your app only connects with a backend API via TLS if the presented certificate chain includes at least one certificate public key that is known to be trusted. This means that the app is not simply reliant on the contents of the trust store on its device, but also requires an additional level of verification. Read Full Story

How is Certificate Pinning Done?

May 17, 2022

Certificate Pinning is a security technique that involves binding a cryptographic certificate to a specific host or domain. This ensures that the app and server communications are protected from man-in-the-middle attacks. Developers can use Certificate Pinning to safeguard against malicious certificates and ensure that only certificates issued by a trusted Certificate Authority (CA) are accepted. When used correctly, Certificate Pinning can be an effective security measure.  Read Full Story

The Risks & Rewards of Travel by Mobile

May 12, 2022

    After a couple of false starts, we are finally emerging from behind the shadow of the Covid pandemic. Some businesses prospered explosively during it as people suddenly needed to access key services remotely, such as the fintech and healthcare sectors; others were forced to deal with an almost instant switch-off of commercial activity, for example the travel and tourism markets. In this article we will look at the travel sector and anticipate what kinds of security challenges might lie ahead as the market evolves and recovers. Read Full Story

What Is In-App Protection?

April 19, 2022

In-app protection refers to the security features built into mobile apps. These features help protect the app and the data it contains from unauthorized access, theft, or tampering. Below, we discuss in-app protection and why it’s crucial for mobile app development. Read Full Story