Update: Apple just announced that it is postponing the ATS compliance deadline. A new deadline is unknown at this time.
During WWDC 2016, in the What’s new in Security session, Apple announced it will start enforcing App Transport Security in the App Store by the end of 2016. Our research indicates that most apps are still using keys that disable this policy and are not ready for this new regulation.
App Transport security (ATS) was introduced during WWDC 2015: “If you link your app against OS X El Capitan or iOS 9, by default it won’t be able to make any unprotected HTTP connections; they will simply fail…”
Now, with 2017 only a few days away, apps face harsher scrutiny by Apple. As if it wasn’t already tough enough getting through the review process unscathed, app publishers are now checked at the door for unsecure connections. Any irregularity and you won’t be let into the store before doing some proper explaining.