{ "id": "896b6dc9-d30f-47ed-bbcf-a92243230c49", "created_at": "2026-04-06T02:11:16.256619Z", "updated_at": "2026-04-10T13:12:37.8395Z", "deleted_at": null, "sha1_hash": "c933bd85d955630abf02b453072dd4f29f176fe3", "title": "Apple will require HTTPS connections for iOS apps by the end of 2016", "llm_title": "", "authors": "", "file_creation_date": "0001-01-01T00:00:00Z", "file_modification_date": "0001-01-01T00:00:00Z", "file_size": 35582, "plain_text": "Apple will require HTTPS connections for iOS apps by the end of\r\n2016\r\nBy Kate Conger\r\nPublished: 2016-06-15 · Archived: 2026-04-06 01:53:13 UTC\r\nDuring a security presentation at Apple’s Worldwide Developers’ Conference, the company revealed the deadline\r\nfor all apps in its App Store to switch on an important security feature called App Transport Security — January 1,\r\n2017.\r\n“Today, I’m proud to say that at the end of 2016, App Transport Security is becoming a requirement for App Store\r\napps,” Apple’s head of security engineering and architecture, Ivan Krstic, said during a WWDC presentation.\r\n“This is going to provide a great deal of real security for our users and the communications that your apps have\r\nover the network.”\r\nApp Transport Security, or ATS, is a feature that Apple debuted in iOS 9. When ATS is enabled, it forces an app to\r\nconnect to web services over an HTTPS connection rather than HTTP, which keeps user data secure while in\r\ntransit by encrypting it.\r\nThe “S” in HTTPS helpfully stands for secure and you’ll often see it appear in your browser when logging into\r\nyour banking or email accounts. But mobile apps often aren’t as transparent with users about the security of their\r\nweb connections, and it can be hard to tell whether an app is connecting via HTTP or HTTPS.\r\nEnter ATS, which is enabled by default for iOS 9. However, developers can still switch ATS off and allow their\r\napps to send data over an HTTP connection — until the end of this year, that is. (For technical crowd: ATS\r\nrequires TLS v 1.2, with exceptions for already encrypted bulk data, like media streaming.)\r\nAt the end of 2016, Apple will make ATS mandatory for all developers who hope to submit their apps to the App\r\nStore. App developers who have been wondering when the hammer would drop on HTTP can rest a little easier\r\nnow that they have a clear deadline, and users can relax with the knowledge that secure connections will be forced\r\nin all of the apps on their iPhones and iPads.\r\nIn requiring developers to use HTTPS, Apple is joining a larger movement to secure data as it travels online.\r\nWhile the secure protocol is common on login pages, many websites still use plain old HTTP for most of their\r\nconnections. That’s slowly changing as many sites make the arduous transition to HTTPS (Wired has been\r\nparticularly good at documenting the process).\r\nTechcrunch event\r\nSan Francisco, CA | October 13-15, 2026\r\nKate Conger was a writer at TechCrunch, covering policy and security.\r\nhttps://techcrunch.com/2016/06/14/apple-will-require-https-connections-for-ios-apps-by-the-end-of-2016/\r\nPage 1 of 2\n\nView Bio\r\nSource: https://techcrunch.com/2016/06/14/apple-will-require-https-connections-for-ios-apps-by-the-end-of-2016/\r\nhttps://techcrunch.com/2016/06/14/apple-will-require-https-connections-for-ios-apps-by-the-end-of-2016/\r\nPage 2 of 2", "extraction_quality": 1, "language": "EN", "sources": [ "MITRE" ], "origins": [ "web" ], "references": [ "https://techcrunch.com/2016/06/14/apple-will-require-https-connections-for-ios-apps-by-the-end-of-2016/" ], "report_names": [ "apple-will-require-https-connections-for-ios-apps-by-the-end-of-2016" ], "threat_actors": [], "ts_created_at": 1775441476, "ts_updated_at": 1775826757, "ts_creation_date": 0, "ts_modification_date": 0, "files": { "pdf": "https://archive.orkl.eu/c933bd85d955630abf02b453072dd4f29f176fe3.pdf", "text": "https://archive.orkl.eu/c933bd85d955630abf02b453072dd4f29f176fe3.txt", "img": "https://archive.orkl.eu/c933bd85d955630abf02b453072dd4f29f176fe3.jpg" } }