Gotta Block ‘Em All – Observations on Controlling Access to Mobile APIs using the Pokemon Go Example

David Stewart, Approov/CriticalBlue

If you publish a mobile app that uses an API, then you may have just inadvertently opened that API to the world. Pokemon Go grabbed headlines as hackers rapidly reverse engineered its private API and built an army of unapproved bots and mapping tools. There is a lesson for us all here: exposing rich APIs may attract the attention of bots designed to scrape valuable data from your backend servers or to abuse your API in a myriad of different ways. Using Pokemon Go as an example, this presentation will explain the cat-and-mouse games with bots that can emerge when you deploy a successful app, and what steps you should take to protect your mobile API in those circumstances.
