Security Guidelines and best practices for iOS apps | Hindi tutorial



In this session we will discuss iOS security guidelines and best practices for iOS apps. We will be talking about various security guidelines for iOS app development to ensure that attackers are not able to sniff out sensitive information about the user.

The chapters in the video are as follows:

0:00 introduction
0:17 sensitive and non-sensitive user data
2:00 encrypt everything is bad
2:26 mobile dev assumptions on data security
5:10 mobile dev is not responsible for
5:52 guideline 1: avoid storing sensitive data in plain text or hash format
6:35 codecat15 opinion: against storing sensitive information in keychain
8:02 codecat15 recommendation to store sensitive data
9:41 guideline 2: implement face id and passcode
10:30 guideline 3: encrypting the mobile database
11:52 is core data encrypted by default
13:23 guideline 4: apis must implement OAuth flow
14:25 encrypt request body only if it contains sensitive data
14:39 guideline 5: SSL pinning
17:01 guideline 6: testing security implementation
17:37 key takeaway
18:06 thank you for watching


Documentation links mentioned in the video are as follows:

Encrypting your app's files:
https://developer.apple.com/documentation/uikit/protecting_the_user_s_privacy/encrypting_your_app_s_files

Apple on jailbroken devices:
https://support.apple.com/en-us/HT201954

OWASP guideline on jailbroken devices:
https://owasp.org/www-project-mobile-top-10/2016-risks/m2-insecure-data-storage

Implementing face id and touch id in your app:
https://developer.apple.com/documentation/localauthentication/logging_a_user_into_your_app_with_face_id_or_touch_id

Keychain dumper:
https://github.com/ptoomey3/Keychain-Dumper

SSL kill switch 2:
https://github.com/nabla-c0d3/ssl-kill-switch2

Core Data is encrypted by default from iOS 5 onwards:
https://developer.apple.com/library/archive/releasenotes/General/WhatsNewIniOS/Articles/iOS5.html#//apple_ref/doc/uid/TP30915195-SW1

SSL pinning code examples:
Configure server certificates: https://developer.apple.com/news/?id=g9ejcf8y
Implementing ssl pinning: https://www.kodeco.com/1484288-preventing-man-in-the-middle-attacks-in-ios-with-ssl-pinning

Connect with me on social media
Instagram: codecat15
Twitter: https://twitter.com/codecat15
Facebook: https://www.facebook.com/code.cat.792
Github: https://github.com/codecat15
