BrainBlog for Approov by Eric Newcomer
It’s never been more important to offer a mobile app for your customers, clients, and partners.
Mobile devices increasingly execute ecommerce transactions, which means that cybercriminals increasingly target mobile devices.
What does this mean for cybersecurity?
Breaking into a mobile device exposes the back end APIs that device calls. These APIs may be protected by keys, but how well are the API keys protected?
It’s understandable that many organization’s security policies focus primarily on protecting the server side apps.
However, a mobile device has the secret key to the front door, as it were – the key to the server side APIs.
The more mobile devices become part of daily life, the more they become significant sources of risk to those server side apps.
What should we do about it?
As ecommerce shifts more and more to mobile devices, it makes more and more sense to think about mobile device secrets the same way we think about server side secrets, and use a vault to protect them.
Click here to read the entire article.