During Apple’s most recent Worldwide Developers’ Conference (WWDC), Ivan Krstić, head of Apple’s Security Engineering and Architecture, revealed new security rules for mobile development companies present in the Apple Store. The feature, known as App Transport Security (ATS), is mandatory starting from January 1, 2017.
ATS compels apps to use encrypted HTTPS connection instead of insecure HTTP, thus making safe data transition possible. This feature was introduced first in iOS 9. However, developers are able to switch it off and still use the vulnerable HTTP protocol. That practice ends when this year ends.