Enforce TLS Versions in Android and iOS apps

The TLS/SSL protocol has been around for a very long time, and as such, it supports a wide range of cryptographic algorithms for establishing a secure communication channel and communicating over it.

Every secure connection begins with a “handshake” during which several parameters of the communication are decided. One of which is the version of the protocol:

  • SSL 3.0 (released in 1996)
  • TLS 1.0
  • TLS 1.1
  • TLS 1.2 (released in 2008)
  • TLS 1.3 (released in August 2018, not yet fully adopted)

Old versions of the protocol carry some vulnerabilities. Attacks like POODLE and BEAST rely on exploiting weaknesses of older implementations of TLS.

A very effective countermeasure against this class of attacks is to only use the latest version.

Limiting TLS Version Quickly and Easily 

Implementing and especially maintaining such measures is a difficult task. Sometimes the source code is not available, and more often the services are on uncontrolled endpoints.

Appdome is a mobile integration platform as a service (iPaaS) that allows users to add a wide variety of features, SDKs, and APIs to Android and iOS apps. Using a simple ‘click to add’ user interface, Appdome allows anyone to easily implement Trusted Session Inspection to any mobile app – instantly, no code or coding required.

Using Appdome, there are no development or coding prerequisites. For example, there is no Appdome SDK, libraries, or plug-ins to implement enforcement of TLS version. TLS cipher spec enforcement can be added to any iOS or Android app in seconds, with no code or coding.

Prerequisites

How to Add TLS Version Enforcement to Any Mobile App on Appdome 

Follow these step-by-step instructions to enforce the TLS version:

Upload a Mobile App to Your Account

Please follow these steps to add a mobile app to your Appdome account.
If you don’t have an Appdome account, click here to create an account.

From the “Build” tab, go to the Security menu.

  1. Click  Secure Communications to expand the bundle.
  2. Click on the toggle to enable Trusted Session.
  3. Expand Session Management.
  4. Toggle the “Enforce TLS Version” switch
  5. (Optional) Enable +DEV Events to configure this security alert on your app.
  6. Click Build My App

The technology behind Build My App has two major elements – (1) a micro-service architecture filled with 1000s of code sets needed for mobile integrations, and (2) an adaptive code generation engine that can recognize the development environment, frameworks and methods in each app and match the app to the relevant code-sets needed to add the requested service to the mobile app in seconds.

Congratulations! When your integration is complete, you will see the notice below. You now have a mobile app fully integrated with Enforce TLS Version. And as an added benefit, you are enforcing data in transit encryption for your app.

What to do After I Build My App?

After you have added TLS version enforcement to any Mobile App on Appdome, there are a few additional steps needed to complete your mobile integration project.

That is it – Your applications will now reject any communication that does not meet the recommended version requirements.

How Do I Learn More?

You can read about all the properties and features of various TLS versions in Wikipedia.

If you are interested in limiting other aspects of TLS, you should check out how you can Enforce Communications’ Cipher Suites.

This feature is just one of many offered in the course of Trusted Session Inspection.

To zoom out on this topic, visit Appdome for Mobile App Security on our website.

If you have any questions, please send them our way at support@appdome.com or via the chat window on the Appdome platform.

Thank you!

Thanks for visiting Appdome! Our mission is to make mobile integration easy. We hope we’re living up to the mission with your project. If you don’t already have an account, you can sign up for free.

Dany Zatuchna

Have a question?

Ask an expert

ZoeMaking your security project a success!