Security in iOS Apps

It’s incredibly important in FinTech!

Steven Curtis
4 min readApr 29, 2023
Photo by Franck on Unsplash


Man-in-the-middle: An attack where the attacker sits between a user and the server.

Public-key cryptography: A cryptographic system using two keys: a public key known to everyone and a private key. The private key can be used to read unencrypted messages encrypted with the public key, but the reverse is not true.

Public key infrastructure (PKI): A set of roles, policies, hardware, software, and procedures needed to distribute, use, store, and revoke digital certificates and manage public-key encryption.

Secure Socket Layer (SSL): Encrypted client-server communication over HTTP (as specified by HTTPS).

The Article

This article is about security, and how that might be implemented in an App where security is important (in an area like FinTech).

Some Options

App Transport Security (ATS)

The Problem ATS Is Trying To Solve

ATS requires that HTTP connections made with URLSession use secure HTTPS connections rather than the insecure HTTP connections. HTTPS uses TLS (SSL) to encrypt normal HTTP requests and responses, and makes it much more secure to…