Apple to Launch App Transport Security by killing Unencrypted Internet

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)

Apple’s annual WWDC (Worldwide Developers Conference) has just shut its doors for 2015. In San Francisco, Apple developers (iOS, OS X) flocked to hear the conference to hear about Apple’s upcoming features in Apps and Software development.

Apple App Transport Security - iOS 9

On iOS Developer Library – Pre-Release platform, Apple have announced the new features of iOS 9, and the most important feature is iOS 9’s security update called App Transport Security (ATS).

What is App Transport Security?

ATS is a feature which requires an app to communicate with its related external servers over HTTPS. This is done via a declaration in its Info.plist file. ATS will be a major increase in security for Apple developers & users as it will prevent apps from accidental disclosure and offers secure environments.

ATS is similar to HSTS (HTTP Strict Transport Security). It is essentially a way to enforce HTTPS and entirely abandon HTTP so that all data transferred is encrypted and authenticated.

If you are developing a new Apple Application then you need to add this feature and if you are an existing app developer you need to start supporting ATS feature in your App.

The ATS feature will also be introduced to the newest version of OS X (OS X 10.11).

Why Apple is serious about adding ALS in iOS & OS X

Today hackers & cybercriminals are monitoring user’s activity by installing malware, adware, ransomware, etc… in their devices; These makes the device vulnerable & attackers can take control of it; they can breach user’s personal & financial information, call logs, SMS data, images, videos, important documents, etc… Researchers find a major vulnerability behind these attacks is lack of security in applications. Securing applications with schemes such as ATS is the only solution to fight back against these attacks.

Frederic Jacobs, researchers & iOS developer, tweeted about the intelligent privacy features in iOS 9.

He also said, ‘Apple may reject an application which is not secured with HTTPS’. Apple has not yet declared when it will be mandatory to support ATS, but it will be mandatory for all apps to use ATS.

Apple has shown they care about the security of its user’s data and information. Their latest effort has reinforced to end their support for HTTP in the upcoming version of their operating systems, iOS (iOS 9) & OS X (OS X 10.11), and to deprecate un-encrypted content.

As ATS will become a mandatory feature in the iOS 9 & OS X 10.11, Apple encourages all developers to migrate from HTTP to HTTPS ASAP.

Windows 10 Stealing User’s Bandwidth : Know how to Stop It
Tracker SSL - New Chrome Extension to Track SSL Encryption
This entry was posted in Web Security by Mit Gajjar. Bookmark the permalink.

About Mit Gajjar

I have been working as SSL security expert for 6 years and i have assisted to plenty of users to solve their technical issues while installation of SSL certificates on their web servers. It’s really great experience working with Platinum Partner Company CheapSSLSecurity to offer the most reliable SSL certificate security solution on the internet. Being Platinum Partner Company of Symantec, GeoTrust Thawte, Comodo, and RapidSSL, CheapSSLSecurity offers the cheapest SSL certificates security on the internet which starts at just only $3.20/yr.