Mobile API Anti-abuse Protection: AppiCrypt® Is a New SafetyNet and DeviceCheck Attestation Alternative

Talsec
1 min readJun 1, 2022

--

The excellence in mobile security has allowed us to develop a ground-breaking enhancement for mobile API security. Let’s look at the AppiCrypt®, a powerful tool that provides proof of app and device integrity for backends. We will explain common questions about these similar technologies and the application domains they can cover.

Read original article here:

Mobile API Anti-abuse Protection with AppiCrypt®: A New Play Integrity and DeviceCheck Alternative | AppSec Articles (talsec.app)

Summary:

  • AppiCrypt Overview: AppiCrypt® is a tool for ensuring app and device integrity in mobile API security, providing cryptographic proof of client app authenticity and integrity.
  • API Security Challenges: Mobile APIs are vulnerable to attacks like information scraping, brute force attacks, and DDoS attacks. Traditional methods like API keys and SSL pinning are insufficient.
  • Comparison with Play Integrity: AppiCrypt offers advantages over Google’s Play Integrity, such as universal platform support, low latency, and no dependency on external services.
  • Application Domains: AppiCrypt is suitable for various devices and environments, including Android, iOS, EMV POS Terminals, and Kiosks.

written by Tomáš Soukal, Mobile Dev and Security Consultant at Talsec

https://talsec.app | info@talsec.app | Read also 5 Things John Learned Fighting Hackers of His App — A must-read for PM’s and CISO’s

--

--

No responses yet