Tuesday, September 1, 2020 [Tweets] [Favorites]

App Attest

Bruno Rocha:

As (possibly) a response to jailbreaking become popular again in recent times, Apple has released their own measure to this problem. In iOS 14, the new App Attest APIs provide you a way to sign server requests as an attempt to prove to your server that they came from an uncompromised version of your app.

It’s important to know that App Attest is not a “is this device jailbroken?” check, as that has been proven over and over to be impossible to pinpoint. Instead, it aims to protect server requests in order to make it harder for hackers to create compromised versions of your app that unlock premium features or inserts features like cheats.

[…]

As you can’t trust your app to protect itself, App Attest requires work on your backend to be fully implemented.

Comments

Stay up-to-date by subscribing to the Comments RSS Feed for this post.

Leave a Comment