Dive into the high-stakes world of mobile app development and API security with Upwardly Mobile, your ultimate guide to defending apps in today’s volatile digital landscape. Hosted by Skye Macintyre and George McGregor, and proudly sponsored by Approov, the gold standard in mobile app attestation and API security. This podcast unpacks the evolving AI enabled threats and innovative solutions shaping mobile cybersecurity. Explore why built-in protection from Apple, Google, Samsung and Huawei often fall short, leaving sensitive data vulnerable. Learn how advanced techniques—like runtime attestation and dynamic API security—thwart attackers and secure your app ecosystem. Each episode delivers insights into major data breaches, emerging trends, and actionable strategies to fortify your apps and APIs against ever-advancing cyber threats. From development best practices to navigating compliance and regulation, Upwardly Mobile equips iOS, Android and HarmonyOS mobile developers, security professionals, and tech enthusiasts with the knowledge to safeguard their creations. Stay informed, stay secure, and stay ahead with expert guidance on the future of mobile cybersecurity. Subscribe now on Spotify and Apple Podcasts, and elevate your security game!
All content for Upwardly Mobile - API & App Security News is the property of Approov Mobile Security and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
Dive into the high-stakes world of mobile app development and API security with Upwardly Mobile, your ultimate guide to defending apps in today’s volatile digital landscape. Hosted by Skye Macintyre and George McGregor, and proudly sponsored by Approov, the gold standard in mobile app attestation and API security. This podcast unpacks the evolving AI enabled threats and innovative solutions shaping mobile cybersecurity. Explore why built-in protection from Apple, Google, Samsung and Huawei often fall short, leaving sensitive data vulnerable. Learn how advanced techniques—like runtime attestation and dynamic API security—thwart attackers and secure your app ecosystem. Each episode delivers insights into major data breaches, emerging trends, and actionable strategies to fortify your apps and APIs against ever-advancing cyber threats. From development best practices to navigating compliance and regulation, Upwardly Mobile equips iOS, Android and HarmonyOS mobile developers, security professionals, and tech enthusiasts with the knowledge to safeguard their creations. Stay informed, stay secure, and stay ahead with expert guidance on the future of mobile cybersecurity. Subscribe now on Spotify and Apple Podcasts, and elevate your security game!
Japan says Apple's Must Lift Browser Ban | Billions at Stake, and the Fight for Open Web on iOS
Upwardly Mobile - API & App Security News
14 minutes
3 months ago
Japan says Apple's Must Lift Browser Ban | Billions at Stake, and the Fight for Open Web on iOS
Apple's Enduring Browser Engine Ban: A Global Standoff for the Open Web Description: In this episode of Upwardly Mobile, we delve into Apple's persistent ban on third-party browser engines on iOS, a restriction that continues to stifle competition and limit the capabilities of web applications. Despite growing global pressure and explicit legal mandates like the EU's Digital Markets Act (DMA), Apple has maintained technical and contractual barriers that make it commercially unviable for other browser vendors like Google and Mozilla to offer their own engines on iOS . We explore why this ban matters for consumers, developers, and the future of the open internet. Key Discussion Points: • The Unique Ban: Apple is the only "gatekeeper" that imposes a ban on third-party browser engines, forcing all browsers on iOS to use its proprietary WebKit engine . This prevents genuine browser competition and limits the functionality and performance of web apps, hindering their ability to compete with native apps• Apple's Justifications vs. Reality: ◦ Apple claims its restrictions are for security, privacy, and system integrity . Apple's representatives, like Kyle Andeer and Gary Davis, assert that browser vendors have "everything they need" and have simply "chosen not to" port their engines. ◦ However, critics argue that Apple uses security and privacy as an "elastic shield" for its financial interests . Evidence does not suggest material differences in security performance between WebKit and alternative engines. Browser vendors, with their strong security track records, could even improve iOS security by competing• Barriers to Entry: The primary obstacles preventing alternative browser engines on iOS include: ◦ Loss of existing EU users: Browser vendors are forced to create entirely new apps, meaning they must abandon current users and start from scratch in the EU . This single requirement "destroys the business case". ◦ No web developer testing outside EU: Developers globally cannot test their web software on third-party engines on iOS for EU users . ◦ Hostile legal terms: Apple's contractual conditions are "harsh, one-sided, and incompatible with the DMA" . ◦ Uncertainty on updates for travelers: Apple has not confirmed that browser updates (including security patches) will not be disabled if an EU user travels outside the EU for more than 30 days . • Regulatory Pressure and Compliance: ◦ EU Digital Markets Act (DMA): Explicitly prohibits gatekeepers from requiring the use of their web browser engine. The DMA demands "effective compliance" and prohibits undermining obligations through technical or contractual means. Despite 15 months, no browser vendor has successfully ported an engine, indicating Apple's non-compliance. ◦ Japan's Smartphone Act (MSCA): Passed and will directly prohibit Apple's ban by December 2025 . Guidelines clarify that actions that hinder adoption, not just outright bans, are prohibited. It also mandates fair API access and prompt choice screens at initial smartphone setup. ◦ UK Competition and Markets Authority (CMA): Provisionally designated Apple (and Google) with "Strategic Market Status," highlighting Apple's browser engine ban and suppression of web app competition . The UK sees strong enforcement as crucial for economic growth and innovation, especially for startups.• Why Apple Resists: It's fundamentally about protecting revenue . ◦ Google Search Deal: Safari is Apple's "highest margin product," bringing in $20 billion annually from Google for default search engine status. Losing even 1% browser market share means a $200 million annual revenue loss . ◦ App...
Upwardly Mobile - API & App Security News
Dive into the high-stakes world of mobile app development and API security with Upwardly Mobile, your ultimate guide to defending apps in today’s volatile digital landscape. Hosted by Skye Macintyre and George McGregor, and proudly sponsored by Approov, the gold standard in mobile app attestation and API security. This podcast unpacks the evolving AI enabled threats and innovative solutions shaping mobile cybersecurity. Explore why built-in protection from Apple, Google, Samsung and Huawei often fall short, leaving sensitive data vulnerable. Learn how advanced techniques—like runtime attestation and dynamic API security—thwart attackers and secure your app ecosystem. Each episode delivers insights into major data breaches, emerging trends, and actionable strategies to fortify your apps and APIs against ever-advancing cyber threats. From development best practices to navigating compliance and regulation, Upwardly Mobile equips iOS, Android and HarmonyOS mobile developers, security professionals, and tech enthusiasts with the knowledge to safeguard their creations. Stay informed, stay secure, and stay ahead with expert guidance on the future of mobile cybersecurity. Subscribe now on Spotify and Apple Podcasts, and elevate your security game!
