Prodapt > Case Studies > Securing Mobile Applications with SSO Authorization and PKCE

Securing Mobile Applications with SSO Authorization and PKCE

Technology Category
  • Cybersecurity & Privacy - Application Security
  • Robots - Wheeled Robots
Applicable Industries
  • National Security & Defense
  • Telecommunications
Applicable Functions
  • Quality Assurance
Use Cases
  • Tamper Detection
  • Voice Biometrics
The Challenge
The client, a US-based communication provider, was in the process of transitioning most of its services to mobile devices. They aimed to provide their users with easy, real-time, and seamless access to information, products, and services. However, they encountered issues with their authentication process, which was not robust enough and was vulnerable to attacks due to ineffective implementation of their authentication tokens and session management. The client realized the need for a solution that would facilitate secure access to resources through mobile apps without compromising performance. Two major problems were identified: the transmission of sensitive data through URL redirects during Single Sign-on (SSO) logins, and the increased security risks posed by SSO logins via web and mobile apps.
The Customer

Not disclosed

About The Customer
The client is a US-based communication provider that was in the process of digitizing most of its services. They aimed to provide their users with easy, real-time, and seamless access to information, products, and services through mobile devices. The client prioritized customer trust and was committed to ensuring top-notch security for their information and resources. However, they faced challenges with their authentication process, which was vulnerable to attacks due to ineffective implementation of their authentication tokens and session management.
The Solution
To address these challenges, the client implemented a Proof Key for Code Exchange (PKCE) system. This system was designed to prevent the interception of the authorization code by malicious apps that had infiltrated the user’s device. The client had built multiple subsystems for every functionality, and these were responsible for providing resources and access to mobile applications. The PKCE system was implemented to provide secure access to all these applications. The solution, which included secured SSO authorization with PKCE, protected the mobile apps from unauthorized access. It provided additional security, protected user privacy, and increased customer satisfaction.
Operational Impact
  • The implementation of the PKCE system and secured SSO authorization significantly improved the security of the client's mobile applications. It prevented the interception of the authorization code by malicious apps, thereby protecting the apps from unauthorized access. This solution not only provided additional security but also protected user privacy. As a result, the client was able to increase customer satisfaction by ensuring secure and seamless access to their services through mobile devices.
Quantitative Benefit
  • Achieved a 2X reduction in various online security threats
