In a previous post we discussed the benefits of using Apple’s DeviceCheck API to verify that an HTTP request originated from a legitimate iOS device. Now we’ll go a step further and look at the App Attest service, which can establish trust with an instance of an iOS App using keys issued by Apple.
Posts Tagged security
Mobile APIs are a common target for attempting to exploit a web server, and there are typically many layers of security built into a web infrastructure. We will discuss how an application server can determine that requests are coming from a legitimate source, in this case a trusted mobile app running on a mobile device.