How to provide a secure connection to the site's API in a WinPhone application?

T

t00z2015-11-25 21:22:37

API

t00z, 2015-11-25 21:22:37

Hello!
How to ensure a "closed" connection to the API of your own site when developing a mobile application for windows phone?
That is, so that the id / password by which the access_token will eventually be obtained is not available to prying eyes, for example, through decompiling the application, or viewing network requests.
Thank you
\\ the app will be published in the Windows Store

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

A

Alexey Khaleev, 2015-11-25
@GRE4KA

no way, this site has an ssl certificate https://

V

Vyacheslav Zolotov, 2015-11-25
@SZolotov

1. Work strictly through https
2. Do not store or hardcode passwords in applications, and indeed any important information
3. Using native C ++ to work with Web API will make decompilation much more difficult.

M

MrDywar Pichugin, 2015-11-25
@Dywar

1) Best practice for saving sensitive data in Windows 8
2) Security best practices for building Windows Store apps
3) Building Secure Windows Phone 8 Apps
If they can decopy as a project, they will see the line right in the debugger :)