App Transport Security

Four 'App Transport Security' stories March 2016 - February 2017

Popular apps with 18 million combined downloads in the App Store found vulnerable to silent data interception

Greg Barbosa Feb 6 2017 - 2:00 pm PT

After scanning through the binary codes of applications in the iOS App Store, Will Strafach’s verify.ly service has detected that 76 popular apps in the store are currently vulnerable to data interception. The interception is possible regardless if App Store developers are using App Transport Security or not. A few months ago, similar vulnerabilities were discovered with Experian and myFICO Mobile’s iOS apps.

Expand
Expanding
Close

Verify.ly service launches providing consumers with a security warning label for apps

Greg Barbosa Aug 16 2016 - 9:27 am PT

0 Comments

Consumers downloading apps from the App Store have to rely on Apple’s approval process for vetting insecure applications, and even then there isn’t a guarantee that Apple hasn’t missed something crucial. Just last year hundreds of apps in the App Store had been found to be using private APIs to collect private user data, a violation of the App Review Guidelines. The recently launched public beta test of Will Strafach’s Verify.ly service looks to provide a “warning label for apps” to everyday consumers.

Expand
Expanding
Close

Apple tells developers all apps must connect securely to servers by January 1st, 2017

Ben Lovejoy Jun 15 2016 - 5:27 am PT

0 Comments

iPhone-locked

While Apple introduced its App Transport Security feature in iOS 9, which ensured that all connections between apps and servers must be encrypted, it wasn’t compulsory for developers to use it – and Google even helped them disable it.

All this will end on January 1st next year, reports TechCrunch, when Apple will require all apps to use HTTPS connections to servers to ensure that only encrypted data is transmitted …

Expand
Expanding
Close

Multiple iOS apps found to be harvesting Snapchat user credentials

Greg Barbosa Mar 8 2016 - 9:15 am PT

7 Comments

Users of third-party Snapchat apps may want to delete them and change their passwords on the social media platform as soon as possible. New discoveries revealed today point to the fact that multiple third-party Snapchat apps are sending copies of user credentials over non-secure connections to their own servers.

Expand
Expanding
Close