![Approov-logo-white.webp]](https://approov.io/hs-fs/hubfs/2023%20Logos/Approov-logo-white.webp?height=40&name=Approov-logo-white.webp){kind=logo}
Mobile API Security
Measures and practices to protect & safeguard mobile API endpoints by ensuring secure data transmission, and enforcing authentication mechanisms.
Runtime Secrets
TLS Certificate Pinning
- Static Certificate Pinning vs. Dynamic Certificate Pinning
- Is it possible to bypass Certificate Pinning?
- What is Certificate Pinning?
- Why do we need Certificate Pinning?
- OWASP Top 10 Mobile Risks - M5: Insecure Communication
- Should we use HTTPS or TLS Certificate Pinning to protect Mobile APIs?
- How Approov Managed Trust Roots and Dynamic Pinning Eliminate Man-in-the-Middle Threats
Secure API Authentication
- Why does my mobile app need an API key?
- Can Approov help differentiate API calls made from my genuine app from an app that's impersonating mine by providing all the necessary headers and credentials?
- OWASP Top 10 Mobile Risks - M3: Insecure Authentication/Authorization Threat Agents
- How to Implement Zero Trust for Mobile Apps
- What is API Fuzzing?
- Does Approov Detect and Prevent GameGuardian?
- Integrating Approov with Fastly Compute@Edge and WAF