API Protection Requires Both User and App Authentication
As an API provider, you register and authenticate users and identify the app they are calling from, but is that enough to protect access and your revenue stream from malicious actors?
Whitelists and Indirection Go Together Like Chocolate and Peanut Butter
Android may have its treats, but for app and API security, whitelists and indirection used together are their own taste sensation.
Have you ever tried to launch an app only to see your digital assets lost to a tiny hole in your API security? Do you worry that you’ll lose control of your application and anger your user base?
Hands On Mobile API Security: Pinning Client Connections
Add Certificate Pinning to Your API Key Proxy to improve mobile security
Hands On Mobile API Security - Using a Proxy to Protect API Keys
Get rid of client secrets by introducing an API Key Proxy to improve mobile security