I am developing a web service that will be used by an app on Android, iPhone and Windows Mobile devices. The app requires no login. Is there any way I can secure my web service so that only the app running on the mobile devices can access it? I want to prevent someone from getting a hold of the web service and exploiting it.
Asked
Active
Viewed 270 times
1
-
No, you cannot. Some discussion [here](http://stackoverflow.com/questions/4671435/how-to-make-a-secure-login-using-udid-or-device-token/4671678#4671678). – Seva Alekseyev Mar 23 '12 at 19:06
-
1I suppose you could require a login anyway and store the credentials in your app's code. It's not 100% but at least people won't be accessing the web service without the app unless they gut your app and decompile it. – Squatch Mar 23 '12 at 19:47