Learn about building secure iOS apps. Discover how to safeguard your apps from current and future threats using the keychain, biometrics, asymmetric cryptography, and more.
Overview
Syllabus
Introduction
- Keeping your apps secure
- What you should know
- Security in iOS
- The Secure Boot
- Encryption and data protection
- Touch ID and Face ID
- Code signing
- Sandboxing
- Secure networking
- User privacy
- Purpose strings
- Request authorization for system features
- Adding the missing purpose string
- Exposing sensitive data through copying and pasting
- The pasteboard spy app
- Prevent pasteboard leakage without coding
- Prevent pasteboard leakage with coding
- Using an app-specific pasteboard
- Data leakage through app screenshots
- Clearing data before moving to the background
- Obscuring the snapshot before moving to the background
- Hacking the UserDefaults
- Keychain overview
- Implementing a Keychain wrapper
- Adding a value to the Keychain
- Using the Keychain wrapper
- Removing items from the Keychain
- Retrieve items from the Keychain
- Restore values from the Keychain
- File data protection overview
- Overriding the file protection level programmatically
- Using the new file protection level
- Implementing Touch ID
- Implementing the authentication logic
- Implementing Face ID
- Implementing Face ID continued
- Asymmetric cryptography overview
- Creating the private key
- Retrieving the private key from the Keychain
- Defining the asymmetric key accessors
- Performing asymmetric encryption
- Performing asymmetric encryption continued
- Performing asymmetric decryption
- Asymmetric encryption and decryption demo
- Next steps
Taught by
Karoly Nyisztor