In the digital age, social media platforms often face a critical trade-off: move fast and risk security breaches, or slow down to lock down data. For WeAre8—a purpose-engineered platform that redistributes value to creators, users, and communities—compromising on either wasn't an option.With approximately $50 million in annual revenue and a highly engaged global user base, WeAre8 treats user trust as its most valuable currency. To scale security alongside growth—especially as they prepare to launch internal digital wallets and integrated financial ecosystems—WeAre8 partnered with Approov to revolutionize their API security.
Here is how they did it.
Operating a fast-growing platform with an agile engineering team meant that manual security management was no longer sustainable. Standard approaches to mobile security often required tedious code updates and frequent maintenance, diverting critical developer resources away from core product innovation. WeAre8 needed an automated solution that could secure their mobile applications against sophisticated threats without introducing friction for their users or overhead for their team.
Approov provided a comprehensive, automated approach to mobile API protection through three core pillars:
Approov ensures that only genuine, untampered versions of the WeAre8 app running on safe mobile devices can access their backend APIs. This effectively blocks scripts, bots, and modified apps from executing malicious requests.
Traditional certificate pinning protects mobile traffic from Man-in-the-Middle (MitM) attacks but is notoriously difficult to manage manually, often leading to app crashes when certificates expire. Approov automates and manages this entire lifecycle, allowing WeAre8 to update certificates dynamically over the air without requiring an app store update.
Hardcoding API keys and secrets within a mobile app exposes them to reverse-engineering. Approov manages and delivers these secrets dynamically at runtime, ensuring they are only revealed to verified, secure instances of the app.
To discover the outcomes and explore the full story, read the case study here.