The heart of tech

This article was published on June 15, 2016


Apple says all apps must use its ATS security protocol by end of 2016

Apple says all apps must use its ATS security protocol by end of 2016
Nate Swanner
Story by

Nate Swanner

Former Reporter, TNW

TNW's former West Coast writer in the PNW (Portland, Oregon). Nate loves amplifying developers, and codes in Swift when he's not writing. If TNW's former West Coast writer in the PNW (Portland, Oregon). Nate loves amplifying developers, and codes in Swift when he's not writing. If you need to get in touch, Twitter is your best bet.

Moving forward, apps on iOS that communicate with a server will be more secure, as Apple is making its App Transport Security (ATS) feature mandatory.

By the end of 2016, apps submitted to the App Store will need to adopt the protocol, which secures communication between an app and its server.

Ahead of the announcement in a session at WWDC, Apple only suggested that developers use ATS as soon as possible. It’s on by default in iOS 9 and macOS (OS X?) 10.11.

Apple notes ATS “prevents accidental disclosure” of personal information, and “provides secure default behavior” for apps.

It’s something developers should have seen coming, really. Apple’s increased dedication to privacy birthed this feature, and it hasn’t let up on its position at any point.

It also makes sense for those with subscription apps who want to host content on their own servers. By forcing the hand of developers who may have lazily overlooked ATS, Apple is making sure what’s transmitted is entirely secure.

ATS’ current language states apps can access insecure domains, but Apple requires that they be detailed in the Info.plist documentation for each app.

Also tagged with