Black iPhone

After announcing earlier this year plans to force all iOS app developers to deploy HTTPS starting with 2017, Apple postponed its deadline indefinetly, to give app makers more time to migrate their app and backend infrastructures.

The decision comes after a market study put together by Appthority published this month showed that only about 3% of 200 enterprise iOS apps were updated to use encryption.

Most developers argued that the high cost of supporting encryption mechanisms and possible client hardware incompatibilities have prevented them from making the step in time for Apple's original deadline, which was at the end of the year.

ATS announced at WWDC 2016 in June

The Cupertino tech giant announced in June 2016 at the Worldwide Developers Conference (WWDC) that it would not allow new iOS apps on the App Store, if they didn't support App Transport Security, or (ATS).

ATS would force developers to migrate all client-server communications to HTTPS. Support for ATS has been added in iOS 9.0 and OS X 10.11, so the only step needed was to convince app developers to update their apps to support ATS.

Apple tried to force iOS developers through the WWDC announcement, but very few developers updated their apps to support encrypted communications.

Many app makers used ATS exemptions to avoid the encryption deadline

One of the reasons why many developers didn't rush to implement ATS was because Apple published a list of exemptions that app developers could invoke and skirt around the ATS enforcement.

Some of the biggest app vendors, such as Facebook, Microsoft, and others used these exemptions.

Now Apple has all but given up on enforcing ATS, being in danger of killing its app ecosystem.

"To give you additional time to prepare, this deadline has been extended and we will provide another update when a new deadline is confirmed," Apple said in its statement.

For the time being and the foreseeable future, ATS will remain an optional security measure in iOS, despite its palpable advantages.

Related Articles:

ZipperDown Vulnerability May Impact 10% of All iOS Apps

Google's .App Domains With Baked-In HTTPS Are Now Open for General Registration

Apple Is Cracking Down on Apps That Share Geolocation Data With Third Parties

Apple Releases Security Updates for MacOS, iOS, and Safari

QR Code Bug in Apple iOS 11 Can Lead Users to Malicious Sites