Robotemi arrived on the scene in late 2015, and the Temi platform was launched globally 2 years later. It has attracted a lot of attention in leading publications such as Forbes and Reuters because of its potential to make a significant and positive impact on people’s lives.
We experienced an attack against one of our API endpoints which caused one of our key features to go Out of Service.
Ben Levy, VP R&D, Robotemi
The development team knew of course that the deployed robots would be communicating with the company’s exposed API endpoints and that sensitive data would be accessible there if not properly protected.
Considering the anticipated rapid speed of deployment of the Robotemi platform and also that mainland China was one of the main growth market opportunities dictated that the high grade security was not negotiable.
The team wanted to protect their public API endpoints from being accessed by unauthorized parties. The real threat was that attackers would use modified apps or scripts which generate correctly formed API requests, and it would be very difficult to detect and block them.
Robotemi set about creating and applying a home-grown anti-tamper solution, but the R&D team quickly recognized that anti-tamper was just one of the features needed to truly defeat the bad actors, and also that maintaining in-house security solutions against ongoing emerging threats would be a significant undertaking.
Following the integration and test of Approov in the Robotemi app, it only remained to verify that customers in China could successfully be secured by the service. The teams jointly architected a solution where traffic is proxied through existing Robotemi infrastructure to the Approov cloud service. It was tested at scale and found to be fit for purpose.
We've had an amazing journey with Approov. Our need for a solution in mainland China kicked it off and yielded a quick and efficient collaboration between our teams. Later the Approov team alerted us when they noticed a bunch of bad requests to our account. The bottom line is that we have noticed a reduction in the attacks against our service, and we feel this solution just works and puts us in a more secure state.