Apple to make HTTPS connections mandatory for iOS apps by 2017
It looks like Apple’s war for encryption is not over yet. It continued even at the WWDC 2016 event that took place in San Francisco. On Wednesday, the company announced during the security presentation that it will require all the iOS apps to use HTTPS connection as a compulsion by January 1,2017.
This announcement was first reported by TechCrunch and basically, it deals with a feature called App Transport Security (ATS), which was first seen in iOS 9. So now, Apple will require all apps to make sure that they enforce the ATS, which will, in turn, make all connections HTTPS instead of HTTP.
For those of you who are unfamiliar with HTTPS, it is the secure version of HTTP, which is a protocol for data communication online.
Currently, Apple has not made it mandatory for the developers to use ATS in their apps, however, now, as it gets compulsory, the data will be more secure.
This is an important announcement for the developers. Apple is yet to announce the details of the repercussion that it will levy on the defaulters. This year’s WWDC was big on encryption with the keynote sessions full of reference regarding the differential privacy and end-to-end encryption.
“Today, I’m proud to say that at the end of 2016, App Transport Security is becoming a requirement for App Store apps,” Apple’s head of security engineering and architecture, Ivan Krstic, said during a WWDC presentation. “This is going to provide a great deal of real security for our users and the communications that your apps have over the network.”
APFS is another major announcement that the company made during the conference. APFS or Apple File System is the replacement for the aging HFS+ file system that the company has been using until now. It will majorly deal with sorting out the storage and the security threats that are associated with SSDs.