Mobile App Attestation

Complete App and Device Integrity without Backend Integration Headaches

Both Android’s SafetyNet/Play Integrity and iOS’s DeviceCheck/App Attest provide capabilities to check app integrity and to give some assurance that your backend is interacting with the authentic app.

But the integration of these is complex, especially in the backend. You also need to consider usage quotas and uptime guarantees. The app checks also take some time to execute so can’t be performed on every API call so you must also persist the trust between the attestations. These OS facilities alone can’t provide all the fine grain security controls you might need.

Approov integrated attestation

Approov mobile app protection provides:

  • Seamless and consistent protection across Android and iOS
  • Advanced app attestation with highly granular, policy-driven blocking of any tampering in the client environment
  • Uniform Android SafetyNet and iOS DeviceCheck integration creating a powerful threat management framework.
  • Protection against Man-in-the-middle attacks with dynamic TLS pinning
  • Protection of 3rd party API keys with no change to backend APIs
  • Immediate over-the-air updates and dynamic management of all certificates and API keys
  • Industry-standard authenticity tokens for easy backend verification

See How Approov Builds on SafetyNet and DeviceCheck

Approov adds greater control and consistency across SafetyNet and DeviceCheck - simple integration and ongoing operations in one easy to use package for both Android and iOS.

CriticalBlue (developer of Approov) will use the personal information you provide to send you the content requested and information about our services. You may unsubscribe from these communications at any time. For information on how to unsubscribe, as well as our privacy practices and commitment to protecting your privacy, check out our Privacy Policy.

© 2022 CriticalBlue, Ltd.