Mobile App Attestation

Complete App and Device Integrity without Backend Integration Headaches

Both Android’s SafetyNet/Play Integrity and iOS’s DeviceCheck/App Attest provide capabilities to check app integrity and to give some assurance that your backend is interacting with the authentic app.

The integration of these is complex, especially in the backend. You need to consider usage quotas and uptime guarantees. The app checks also takes time to execute. It can’t be performed on every API call so you must persist the trust between the attestations. These OS facilities alone can’t provide all the fine grain security controls you might need.

Approov integrated attestation

Approov mobile app protection provides:

  • Seamless and consistent protection across Android and iOS
  • Advanced app attestation with highly granular, policy-driven blocking of any tampering in the client environment
  • Uniform Android SafetyNet and iOS DeviceCheck integration creating a powerful threat management framework.
  • Protection against man-in-the-middle attacks with dynamic TLS pinning
  • Protection of third-party API keys with no change to backend APIs
  • Immediate over-the-air updates and dynamic management of all certificates and API keys
  • Industry-standard authenticity tokens for easy backend verification

See How Approov Builds on SafetyNet and DeviceCheck

Approov adds greater control and consistency across SafetyNet and DeviceCheck - with simple integration and ongoing operations in one easy to use package for both Android and iOS.

CriticalBlue (developer of Approov) will use the personal information you provide to send you the content requested and information about our services. You may unsubscribe from these communications at any time by clicking the link at the bottom of our emails. For information on our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.

© 2024 CriticalBlue, Ltd.