iOS Development: Security

Learn about building secure iOS apps. Discover how to safeguard your apps from current and future threats using the keychain, biometrics, asymmetric cryptography, and more.

Introduction

• Keeping your apps secure
• What you should know

1. iOS Security Fundamentals

• Security in iOS
• The Secure Boot
• Encryption and data protection
• Touch ID and Face ID
• Code signing
• Sandboxing
• Secure networking
• User privacy

2. User Data Protection

• Purpose strings
• Request authorization for system features
• Adding the missing purpose string
• Exposing sensitive data through copying and pasting
• The pasteboard spy app
• Prevent pasteboard leakage without coding
• Prevent pasteboard leakage with coding
• Using an app-specific pasteboard
• Data leakage through app screenshots
• Clearing data before moving to the background
• Obscuring the snapshot before moving to the background
• Hacking the UserDefaults

3. The Keychain

• Keychain overview
• Implementing a Keychain wrapper
• Adding a value to the Keychain
• Using the Keychain wrapper
• Removing items from the Keychain
• Retrieve items from the Keychain
• Restore values from the Keychain

4. File Data Protection

• File data protection overview
• Overriding the file protection level programmatically
• Using the new file protection level

5. Securing Apps Using Biometrics

• Implementing Touch ID
• Implementing the authentication logic
• Implementing Face ID
• Implementing Face ID continued

6. Cryptographic APIs/Interfaces

• Asymmetric cryptography overview
• Creating the private key
• Retrieving the private key from the Keychain
• Defining the asymmetric key accessors
• Performing asymmetric encryption
• Performing asymmetric encryption continued
• Performing asymmetric decryption
• Asymmetric encryption and decryption demo

Conclusion

• Next steps