SECURE YOUR SPOT FOR THE KONG AGENTIC ERA WORLD TOUR GOVERN A2A TRAFFIC WITH KONG'S NEW AGENT GATEWAY DON’T MISS API + AI SUMMIT 2026 SEPT 30 – OCT 1
We're Entering the Age of AI Connectivity [Read more](/blog/news/the-age-of-ai-connectivity)Read moreProducts & Agents:
_Video_

# Practical Implementation of Good Security Hygiene for Mobile Apps

We all know that we shouldn’t store secrets in mobile apps, but what is the practical alternative? We all know that we should use certificate pinning for our APIs, but how can it be done simply and safely? This talk will describe a real project to explore some of the challenges of implementing good security practice in a large organization and discuss a third-party solution (Approov) which addresses both of the issues above in a relatively simple way using industry standards and working neatly with Kong.

Approov is an API security solution which attests that API requests have come from genuine mobile app instances, ensuring that bots, scripts and re-packaged apps can’t communicate with backend systems. Further, Approov includes a dynamic pinning capability which makes implementing and managing pinned connected much easier than has previously been possible.

Approov’s Kong plugin enables the benefits of Approov without the need to modify backend systems, blocking all bots and scripts even if they present valid credentials. Join this session to learn how to improve security hygiene significantly with minimal effort.

### Speakers

Julien Bataille profile Picture

#### Julien Bataille

Software Development Manager

* Rakuten Inc.*

David Stewart profile Picture

#### David Stewart

Co-founder

* CriticalBlue*

**Topics**
- [API Security](/resources/videos/tag/api-security)API Security- [Mobile](/resources/videos/tag/mobile)Mobile

## Get started with the API & AI platform

[Book Demo](/contact-sales)Book Demo