Approov Blog

Mobile App Security (2)

With the implementation of the Digital Markets Act (DMA) in the EU, Apple is opening the possibility of installing apps from alternative apps stores. As discussed in Update on apps distributed in the European Union the intention is that all apps that can be installed must go through a notarization process, which signs the app package with a certificate from Apple. This will be a lighter (and fully automated) review process than will be applied to apps for the official Apple Store. Read Full Story

In today's digital age, mobile applications and APIs play a pivotal role in our daily lives. With the Android ecosystem being the dominant platform, the security of Android apps is a critical concern. Based on privacy concerns and a desire for openness more Android apps than ever are being developed without relying on Google Mobile Services (GMS), commonly known as non-GMS apps. Read Full Story

The iOS mobile app environment is undergoing significant transformations, partly due to the European Union's introduction of the Digital Markets Act (DMA), which is effective starting in March 2024. This new EU law has prompted changes and updates in operating systems and app stores, which are now influencing the iOS development landscape. Specifically, the release of iOS 17.4 introduces substantial modifications to the App Store, Read Full Story

This overview outlines the history and use of Apple DeviceCheck including the DeviceCheck App Attest feature. It will highlight how this security solution is used and highlight some limitations. We also compare and contrast Apple DeviceCheck and App Attest with the comprehensive mobile security offered by Approov. Read Full Story

In the ever-evolving landscape of mobile applications, especially those dealing with sensitive financial transactions, security is paramount. Approov, an advanced App and API security solution, takes a multifaceted approach to ensure the integrity of protected APIs, with a focus on the recently introduced Payment Card Industry (PCI) Mobile Payments on COTS (Commercial-off-the-Shelf) devices (MPoC) standard. Read Full Story

This is the second article in a guest blog series from Intellyx. You can read the first article here. Organizations, such as the Citi Consumer Bank when I was head of security architecture there, adopt a “mobile first” approach to application development. “Mobile first” means first developing a mobile application that delivers a great customer experience, and later focusing on developing other customer facing applications (such as a web app). Read Full Story

As we step into 2024, it's crucial to reflect on the cyber landscape of the past year, marked by significant breaches that underscore the persistent challenges in securing our digital lives. Here are some notable incidents that grabbed headlines: Read Full Story

Apple and MIT recently published a study indicating that 2.6 billion personal records were exposed through data breaches over the last two years. These findings underscore the need for protecting data in the cloud through mobile attestations and improved API security. Watches, wearables and other new types of mobile devices are now the weakest link in the mobile app threat landscape. Approov addresses this threat head on with Release 3.2 of the solution. While Release 3.2 includes other important enhancements (detailed in the Press Release), this blog specifically explores the crucial advancements made to enhance the security of the Apple Watch. Read Full Story

CyLab-Africa researchers partner with mobile security provider for summer collaboration experience Researchers from CyLab-Africa and the Upanzi Network recently partnered with the mobile security provider Approov to explore the security of common financial services apps used across Africa. After surveying 224 popular financial applications, the researchers found that 95 percent of these Android apps exposed secrets that can be used to reveal personal and financial data. Across these applications, approximately 272 million users have the potential to be victims of the security flaws. Read Full Story

In recent years, the tech world has witnessed a significant shift towards what are known as "super apps." These mobile applications have become increasingly popular, offering a plethora of services within a single, convenient platform. While they present numerous opportunities for users and businesses, they also bring forth a set of unique challenges, particularly in the realm of mobile security. Read Full Story