- Store sensitive data (credentials, tokens, keys) in the Keychain using `SecItemAdd` / `SecItemCopyMatching` — never in `UserDefaults` or plain files.
- Enable App Transport Security (ATS) and allow only HTTPS connections — add ATS exceptions in `Info.plist` only when absolutely necessary.
- Use `CryptoKit` for hashing (`SHA256`), authenticated encryption (`AES.GCM`), and key agreement — avoid CommonCrypto in new code.
- Validate all server certificates in the `URLSession` delegate methods rather than relying on the defaults alone.
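The Keychain and CryptoKit points above, combined into one added example (this is not code from the original page): a 256-bit `SymmetricKey` is generated once, persisted as a generic-password item with `SecItemAdd` and read back with `SecItemCopyMatching`, then used with `AES.GCM` to protect data at rest. The service and account names are assumptions chosen for illustration; the `kSecAttrAccessibleWhenUnlockedThisDeviceOnly` setting is the caveat a practitioner should not skip, because it keeps the key out of backups and unavailable while the device is locked.

```swift
import Foundation
import CryptoKit
import Security

// Added example, not from the original page. Service/account identifiers below are assumed.
enum KeychainError: Error {
    case unexpectedStatus(OSStatus)
    case notFound
}

struct KeychainStore {
    let service: String

    /// Saves `data` under `account`, replacing any existing item with the same service/account.
    func save(_ data: Data, account: String) throws {
        let query: [String: Any] = [
            kSecClass as String: kSecClassGenericPassword,
            kSecAttrService as String: service,
            kSecAttrAccount as String: account,
        ]
        // Remove a stale item first so SecItemAdd does not fail with errSecDuplicateItem.
        SecItemDelete(query as CFDictionary)

        var attributes = query
        attributes[kSecValueData as String] = data
        // Readable only while the device is unlocked; never migrates to another device via backup.
        attributes[kSecAttrAccessible as String] = kSecAttrAccessibleWhenUnlockedThisDeviceOnly

        let status = SecItemAdd(attributes as CFDictionary, nil)
        guard status == errSecSuccess else { throw KeychainError.unexpectedStatus(status) }
    }

    /// Returns the stored bytes for `account`, or throws `.notFound`.
    func read(account: String) throws -> Data {
        let query: [String: Any] = [
            kSecClass as String: kSecClassGenericPassword,
            kSecAttrService as String: service,
            kSecAttrAccount as String: account,
            kSecReturnData as String: true,
            kSecMatchLimit as String: kSecMatchLimitOne,
        ]
        var item: CFTypeRef?
        let status = SecItemCopyMatching(query as CFDictionary, &item)
        guard status != errSecItemNotFound else { throw KeychainError.notFound }
        guard status == errSecSuccess, let data = item as? Data else {
            throw KeychainError.unexpectedStatus(status)
        }
        return data
    }
}

/// AES-GCM encryption; the result is the `combined` form (nonce || ciphertext || tag).
func seal(_ plaintext: Data, key: SymmetricKey) throws -> Data {
    let box = try AES.GCM.seal(plaintext, using: key)
    guard let combined = box.combined else { throw CryptoKitError.incorrectParameterSize }
    return combined
}

/// AES-GCM decryption; throws if the tag does not verify (i.e. the data was altered).
func open(_ combined: Data, key: SymmetricKey) throws -> Data {
    let box = try AES.GCM.SealedBox(combined: combined)
    return try AES.GCM.open(box, using: key)
}

// Usage: load the key from the Keychain, or generate and store one on first run.
let store = KeychainStore(service: "com.example.app")   // assumed identifier
let key: SymmetricKey
if let raw = try? store.read(account: "db-key") {        // assumed account name
    key = SymmetricKey(data: raw)
} else {
    key = SymmetricKey(size: .bits256)
    try store.save(key.withUnsafeBytes { Data($0) }, account: "db-key")
}

let secret = Data("session token".utf8)                 // constructed sample payload
let sealed = try seal(secret, key: key)
let recovered = try open(sealed, key: key)
assert(recovered == secret)

// CryptoKit hashing for comparison or integrity checks.
let digest = SHA256.hash(data: secret).map { String(format: "%02x", $0) }.joined()
print("sha256:", digest)
```

The key material itself is what goes into the Keychain; the sealed payload can live in a regular file because it is useless without the key. Any tampering with the stored ciphertext surfaces as a thrown error from `AES.GCM.open`, which is the behaviour that makes GCM preferable to an unauthenticated mode.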
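The certificate-validation point, as an added example (not from the original page) of a `URLSession` delegate that first runs the standard chain and hostname evaluation and then pins the SHA-256 of the server's certificate DER. The pinned hash value, the host name and the session configuration are placeholders; `SecTrustCopyCertificateChain` assumes iOS 15 or later.

```swift
import Foundation
import Security
import CryptoKit

// Added example, not from the original page. The pinned hash below is a placeholder.
final class PinnedSessionDelegate: NSObject, URLSessionDelegate {
    /// Base64-encoded SHA-256 hashes of the DER of certificates we accept anywhere in the chain.
    let pinnedCertHashes: Set<String>

    init(pinnedCertHashes: Set<String>) {
        self.pinnedCertHashes = pinnedCertHashes
    }

    func urlSession(_ session: URLSession,
                    didReceive challenge: URLAuthenticationChallenge,
                    completionHandler: @escaping (URLSession.AuthChallengeDisposition, URLCredential?) -> Void) {
        // Only server-trust challenges are handled here; everything else gets the default handling.
        guard challenge.protectionSpace.authenticationMethod == NSURLAuthenticationMethodServerTrust,
              let trust = challenge.protectionSpace.serverTrust else {
            completionHandler(.performDefaultHandling, nil)
            return
        }

        // 1. Standard validation: chain to a trusted root, validity period, and the hostname.
        let policy = SecPolicyCreateSSL(true, challenge.protectionSpace.host as CFString)
        SecTrustSetPolicies(trust, policy)
        var error: CFError?
        guard SecTrustEvaluateWithError(trust, &error) else {
            completionHandler(.cancelAuthenticationChallenge, nil)
            return
        }

        // 2. Pinning: at least one certificate in the validated chain must match a known hash.
        guard let chain = SecTrustCopyCertificateChain(trust) as? [SecCertificate] else {
            completionHandler(.cancelAuthenticationChallenge, nil)
            return
        }
        let matched = chain.contains { cert in
            let der = SecCertificateCopyData(cert) as Data
            let hash = Data(SHA256.hash(data: der)).base64EncodedString()
            return pinnedCertHashes.contains(hash)
        }

        if matched {
            completionHandler(.useCredential, URLCredential(trust: trust))
        } else {
            completionHandler(.cancelAuthenticationChallenge, nil)
        }
    }
}

// Usage (placeholder hash and host).
let delegate = PinnedSessionDelegate(pinnedCertHashes: ["<base64 SHA-256 of your server certificate DER>"])
let session = URLSession(configuration: .ephemeral, delegate: delegate, delegateQueue: nil)
let task = session.dataTask(with: URL(string: "https://api.example.com/v1/health")!) { data, response, error in
    if let error = error {
        print("request rejected:", error)          // pin mismatch or failed chain validation
    } else {
        print("ok:", data?.count ?? 0, "bytes")
    }
}
task.resume()
```

Step 1 is never skipped: pinning narrows which validated certificates are acceptable, it does not replace chain and hostname checks. ATS still governs the connection, so the delegate only sees challenges for HTTPS endpoints unless an `Info.plist` exception has been added.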