After announcing earlier this year plans to force all iOS app developers to deploy HTTPS starting with 2017, Apple postponed its deadline indefinetly, to give app makers more time to migrate their app and backend infrastructures.
The decision comes after a market study put together by Appthority published this month showed that only about 3% of 200 enterprise iOS apps were updated to use encryption.
Most developers argued that the high cost of supporting encryption mechanisms and possible client hardware incompatibilities have prevented them from making the step in time for Apple's original deadline, which was at the end of the year.
The Cupertino tech giant announced in June 2016 at the Worldwide Developers Conference (WWDC) that it would not allow new iOS apps on the App Store, if they didn't support App Transport Security, or (ATS).
ATS would force developers to migrate all client-server communications to HTTPS. Support for ATS has been added in iOS 9.0 and OS X 10.11, so the only step needed was to convince app developers to update their apps to support ATS.
Apple tried to force iOS developers through the WWDC announcement, but very few developers updated their apps to support encrypted communications.
One of the reasons why many developers didn't rush to implement ATS was because Apple published a list of exemptions that app developers could invoke and skirt around the ATS enforcement.
Some of the biggest app vendors, such as Facebook, Microsoft, and others used these exemptions.
Now Apple has all but given up on enforcing ATS, being in danger of killing its app ecosystem.
"To give you additional time to prepare, this deadline has been extended and we will provide another update when a new deadline is confirmed," Apple said in its statement.
For the time being and the foreseeable future, ATS will remain an optional security measure in iOS, despite its palpable advantages.