iOS apps will require secure HTTPS connections by 2017

Apple announces the move to mandatory use for the secure internet protocol for iOS apps at WWDC 2016.

Luke Lancaster Associate Editor / Australia

Luke Lancaster is an Associate Editor with CNET, based out of Australia. He spends his time with games (both board and video) and comics (both reading and writing).

See full bio

Luke Lancaster

June 14, 2016 10:14 p.m. PT

Earlier this week at a security presentation at WWDC, Apple announced that iOS apps have until January 1, 2017, to enable a security feature called App Transport Security.

This story is part of WWDC 2022, CNET's complete coverage from and about Apple's annual developers conference.

ATS was first introduced with iOS 9, and it forces apps to use HTTPS connections rather than HTTP connections when connecting to the web. The more secure connection type authenticates connections and encrypts data transmissions, meaning data cannot be easily read if improperly accessed.

The feature is particularly important in banking and messaging apps, but soon ATS will be mandatory across all apps sold in the App Store.

Currently, ATS is opt-in, which allows apps to send unsecured data over the internet. Moving to HTTPS connections ties in with Apple's stance on privacy, best exemplified in its refusal to unlock an iPhone used by one of the shooters involved in the San Bernardino massacre.

This article also appears in Spanish. Read: Los apps de iOS requerirán seguridad HTTPS en sus conexiones para 2017