Security Guidelines and best practices for iOS apps | Hindi tutorial
In this session we will discuss iOS security guidelines and best practices for iOS apps. We will be talking about various security guidelines for iOS app development to ensure that attackers are not able to sniff out sensitive information about the user.

The chapters in the video are:

0:00 introduction
0:17 sensitive and non-sensitive user data
2:00 encrypt everything is bad
2:26 mobile dev assumptions on data security
5:10 mobile dev is not responsible for
5:52 guideline 1: avoid storing sensitive data in plain text or hash format
6:35 codecat15 opinion: against storing sensitive information in keychain
8:02 codecat15 recommendation to store sensitive data
9:41 guideline 2: implement face id and passcode
10:30 guideline 3: encrypting the mobile database
11:52 is core data encrypted by default
13:23 guideline 4: apis must implement OAuth flow
14:25 encrypt request body only if it contains sensitive data
14:39 guideline 5: SSL pinning
17:01 guideline 6: testing security implementation
17:37 key takeaway
18:06 thank you for watching
Documentation links mentioned in the video are as follows:

Encrypting your app's files: https://developer.apple.com/documentation/uikit/protecting_the_user_s_privacy/encrypting_your_app_s_files
Apple on jailbroken devices: https://support.apple.com/en-us/HT201954
OWASP guideline on jailbroken devices: https://owasp.org/www-project-mobile-top-10/2016-risks/m2-insecure-data-storage
Implementing Face ID and Touch ID in your app: https://developer.apple.com/documentation/localauthentication/logging_a_user_into_your_app_with_face_id_or_touch_id
Keychain dumper: https://github.com/ptoomey3/Keychain-Dumper
SSL kill switch 2: https://github.com/nabla-c0d3/ssl-kill-switch2
Core data is encrypted by default from iOS 5 onwards: https://developer.apple.com/library/archive/releasenotes/General/WhatsNewIniOS/Articles/iOS5.html#//apple_ref/doc/uid/TP30915195-SW1

SSL pinning code examples:
Configure server certificates: https://developer.apple.com/news/?id=g9ejcf8y
Implementing SSL pinning: https://www.kodeco.com/1484288-preventing-man-in-the-middle-attacks-in-ios-with-ssl-pinning

Store private keys in Secure Enclave: https://developer.apple.com/documentation/security/certificate_key_and_trust_services/keys/protecting_keys_with_the_secure_enclave

Connect with me on social media:
Instagram: codecat15
Twitter: https://twitter.com/codecat15
Facebook: https://www.facebook.com/code.cat.792
Github: https://github.com/codecat15