Posts Tagged: API security

Securing the IoT for Decades to Come

In 2007 Kevin Kelly gave a TED talk in which he forecasted how the World Wide Web would look 5000 days into the future, prophesizing the emergence of the IoT and AI. He envisioned a more connected planet where all manufactured goods tap into a single, global, intelligent network. Read more

Review of Approov for Mobile API Security

Unfortunately, the reality of mobile apps is that at some point, someone is going to try to do something they’re not allowed to. Whether this is through brute-forcing keys, spoofing identities, or simply issuing distributed attacks across the application’s server dependencies, the threat to public-facing APIs in the mobile space is real, dangerous, and often inefficiently mitigated. Read more

How to Handle Batch Processing with OAuth 2.0

Recently on the Nordic APIs channel we’ve had a few people ask — how do you handle batch processes that are secured with OAuth 2.0? Batch requests are ones executed automatically or programmed to repeat recurringly.

Usually we use OAuth to confirm user identity for API calls, but the problem is that OAuth 2.0 isn’t really designed for batch processing. Read more

How Pokemon Go fans hacked 'em all hackers

How Pokémon Go Fans Hacked ‘Em All: And How to Prevent Similar Reverse-Engineering

Every developer hopes for huge user bases populated by large amounts of monthly users. People using an application to its potential in the thousands, if not hundreds of thousands, is a dream come true. Unfortunately for API services, with a greater deal of exposure comes a marked increase in vulnerability. Read more

First API implementation planning whiteboard

First Time API Implementation for Entrepreneurs

Any business or organization in the world can bring an API to market, but APIs are increasingly synonymous with the startup world. Entrepreneurs are using APIs to deliver their products for a number of reasons:

  • They can provide a convenient, easily understood and accessible mechanism for getting an MVP in front of customers;
  • Having an API in the market can provide crucial insight into the value of your product through feedback from the developer community;
  • An API can be one of several channels for delivering your product or may be the product itself.
Read more