Apple in iOS 14 added a new App Attest API to the DeviceCheck feature that helps keep iOS apps secure. Apple today sent out a reminder to developers, letting them know about the new API.
App Attest is designed to reduce fraudulent app use, generating a cryptographic key on a device to verify app integrity before the server provides access, which will help cut down on hacked apps and apps that are sideloaded and modified through jailbreak tweaks.
Part of the DeviceCheck services, the new App Attest API helps protect against security threats to your apps on iOS 14 or later, reducing fraudulent use of your services. With App Attest, you can generate a special cryptographic key on a device and use it to validate the integrity of your app before your server provides access to sensitive data.
Apple also shared developer documentation on implementing the App Attest API for developers that are interested. Apple has had a DeviceCheck feature to eliminate hacked apps and app fraud, but App Attest is new, will be more widely adopted, and should help further protect developers from supporting invalid versions of their apps.