Approov Blog

API Security

In a groundbreaking move for the fintech industry, Approov Limited, a leading provider of advanced mobile app and API security solutions, is thrilled to announce its new membership with Fintech Scotland, the strategic cluster organization fostering innovation, collaboration, and economic growth in the Scottish financial technology sector. Read Full Story

Gaming Means Mobile Gaming With the rise in popularity, mobile games have become a massive target for hackers, and cybersecurity should be a priority for both developers and players. However recent research shows that mobile games are still not well protected. This could be due to developers struggling to prioritize the long list of overlapping threats which must be mitigated, or concern around the possible negative impact of security solutions on customer experience. Read Full Story

Adopting an API-first approach in mobile app development emphasizes the design and development of APIs as foundational elements before focusing on the application's user interface or other components. This method treats APIs as primary building blocks, ensuring they cater to various clients (e.g., web, mobile, third-party applications) efficiently and effectively. Read Full Story

This is the third article in a guest blog series from Intellyx. Catch up on the first article here and the second one here. Maintaining a corporate cybersecurity posture means locking down its threat surface – all points of potential compromise that ‘black hat’ hackers might use to penetrate the corporate network. Of all these points of compromise, among hackers’ favorites are smartphones and other handheld devices. Every device is an open door for hackers, as they are replete with vulnerable apps that connect to back-end services and networks. Read Full Story

This overview outlines the history and use of Apple DeviceCheck including the DeviceCheck App Attest feature. It will highlight how this security solution is used and highlight some limitations. We also compare and contrast Apple DeviceCheck and App Attest with the comprehensive mobile security offered by Approov. Read Full Story

This is the second article in a guest blog series from Intellyx. You can read the first article here. Organizations, such as the Citi Consumer Bank when I was head of security architecture there, adopt a “mobile first” approach to application development. “Mobile first” means first developing a mobile application that delivers a great customer experience, and later focusing on developing other customer facing applications (such as a web app). Read Full Story

As we step into 2024, it's crucial to reflect on the cyber landscape of the past year, marked by significant breaches that underscore the persistent challenges in securing our digital lives. Here are some notable incidents that grabbed headlines: Read Full Story

This overview outlines the history and use of Google Play Integrity API and highlights some limitations. We also compare and contrast Google Play Integrity API with the comprehensive mobile security offered by Approov. The imminent deprecation of Google SafetyNet Attestation API means this is a good time for a comprehensive evaluation of solutions in this space. Read Full Story

CyLab-Africa researchers partner with mobile security provider for summer collaboration experience Researchers from CyLab-Africa and the Upanzi Network recently partnered with the mobile security provider Approov to explore the security of common financial services apps used across Africa. After surveying 224 popular financial applications, the researchers found that 95 percent of these Android apps exposed secrets that can be used to reveal personal and financial data. Across these applications, approximately 272 million users have the potential to be victims of the security flaws. Read Full Story

This is the first article in a guest blog series by Jason Bloomberg, Managing Partner, Intellyx Focusing on user authentication, including multi-factor authentication, is not enough to put mobile at the center of your cybersecurity strategy. It is essential to ensure the integrity of devices, applications, and communication channels, along with securing API access. Read Full Story