You are using an older browser version. Please use a supported version for the best MSN experience.

Apple will require HTTPS connections for iOS apps by the end of 2016

TechCrunch TechCrunch 14/06/2016 Kate Conger

During a security presentation at Apple’s Worldwide Developers’ Conference, the company revealed the deadline for all apps in its App Store to switch on an important security feature called App Transport Security — January 1, 2017.

App Transport Security, or ATS, is a feature that Apple debuted in iOS 9. When ATS is enabled, it forces an app to connect to web services over an HTTPS connection rather than HTTP, which keeps user data secure while in transit by encrypting it.

The “S” in HTTPS helpfully stands for secure and you’ll often see it appear in your browser when logging into your banking or email accounts. But mobile apps often aren’t as transparent with users about the security of their web connections, and it can be hard to tell whether an app is connecting via HTTP or HTTPS.

Enter ATS, which is enabled by default for iOS 9. However, developers can still switch ATS off and allow their apps to send data over an HTTP connection — until the end of this year, that is.

At the end of 2016, Apple will make ATS mandatory for all developers who hope to submit their apps to the App Store. App developers who have been wondering when the hammer would drop on HTTP can rest a little easier now that they have a clear deadline, and users can relax with the knowledge that secure connections will be forced in all of the apps on their iPhones and iPads.

In requiring developers to use HTTPS, Apple is joining a larger movement to secure data as it travels online. While the secure protocol is common on login pages, many websites still use plain old HTTP for most of their connections. That’s slowly changing as many sites make the arduous transition to HTTPS (Wired has been particularly good at documenting the process).

More from TechCrunch

image beaconimage beaconimage beacon