Apple extends developer deadline to support App Transport Security into 2017

By Mikey Campbell

Apple on Wednesday informed developers that it has extended the deadline by which apps submitted to the various App Stores will required to use App Transport Security, a standard introduced in iOS 9 and OS X 10.11.

According to a brief statement posted to Apple's Developer News website, the ATS implementation mandate has been pushed back to an as yet unannounced date in order to give app makers "additional time to prepare" their wares for support.

ATS debuted in 2015 as a method of improving security and privacy by forcing apps to transfer data through secure connections over HTTPS. Similar protocols are already employed by banks, internet service providers and other companies dealing with highly sensitive user data.

Although ATS is switched on by default in Apple's development toolset, developers currently have the option of deactivating the feature. During this year's Worldwide Developers Conference, however, the company said it would begin enforcing ATS support starting Jan. 1, 2017.

Apple's shift to ATS sparked a minor controversy in 2015 when Google publicized a technique of sidestepping the network security protocol. At the time, the search giant discovered ATS was inhibiting ads from displaying in certain mobile apps, so the company proposed a "short term fix" that involved inserting HTTPS exceptions into affected titles.

While the extra lines of code help Google serve up ads, and bring in ad money, the exceptions skirt Apple's recommended protections and inherently put end users at risk.

Apple has not announced an expected timeline for ATS integration, saying only that developers will be updated when a new deadline is confirmed.