Advertisement

Apple’s Attest API tool aims to tighten app security

The data protection technique is similar to an existing program for Android.
(Getty Images)

Apple released a new tool for developers that aims to better protect the user data that flows through iOS apps.

The company’s App Attest API, a new software tool meant to “protect against security threats to your app on iOS 14 or later, reducing fraudulent use of your services,” according to an Aug. 3 bulletin to developers. App Attest API generates a cryptographic key on a user’s device that aims to authenticate that an app is what it appears, and ensure that a phone isn’t transmitting user data to a fraudulent app designed to steal their usernames and passwords or other information.

Security researchers specializing in iPhones have long said that it’s difficult to determine whether hackers have successfully breached an individual device, in part because of the way Apple limits visibility onto its machines. If an app is trying to exceed its authorized permissions, it’s a challenge for forensic researchers to examine that behavior. This API aims to reduce the likelihood that programs are behaving in a malicious way.

Apple’s program resembles Google’s SafetyNet, a mobile security framework designed to protect Android devices from a similar type of threat.

Advertisement

The data protection technique comes as hackers and scammers increasingly have sought to use mobile apps as a foothold into mobile devices. By using one malicious app to infiltrate an iPhone, hackers can collect data from other programs and about device functionality, learning sensitive information, or subscribing victims to expensive paid services without their permission.

Jeff Stone

Written by Jeff Stone

Jeff Stone is the editor-in-chief of CyberScoop, with a special interest in cybercrime, disinformation and the U.S. justice system. He previously worked as an editor at the Wall Street Journal, and covered technology policy for sites including the Christian Science Monitor and the International Business Times.

Latest Podcasts