This article was published on June 15, 2016

Apple says all apps must use its ATS security protocol by end of 2016


Apple says all apps must use its ATS security protocol by end of 2016

Moving forward, apps on iOS that communicate with a server will be more secure, as Apple is making its App Transport Security (ATS) feature mandatory.

By the end of 2016, apps submitted to the App Store will need to adopt the protocol, which secures communication between an app and its server.

Ahead of the announcement in a session at WWDC, Apple only suggested that developers use ATS as soon as possible. It’s on by default in iOS 9 and macOS (OS X?) 10.11.

Apple notes ATS “prevents accidental disclosure” of personal information, and “provides secure default behavior” for apps.

It’s something developers should have seen coming, really. Apple’s increased dedication to privacy birthed this feature, and it hasn’t let up on its position at any point.

It also makes sense for those with subscription apps who want to host content on their own servers. By forcing the hand of developers who may have lazily overlooked ATS, Apple is making sure what’s transmitted is entirely secure.

ATS’ current language states apps can access insecure domains, but Apple requires that they be detailed in the Info.plist documentation for each app.

Get the TNW newsletter

Get the most important tech news in your inbox each week.

Also tagged with