Almost all "interesting" mobile applications don't exist in a vacuum. They rely on external systems for much of their data, and as such, frequently need a method for identifying and authenticating the application's user to the server. How this happens varies widely.
As part of my day job, I frequently review mobile applications on iOS and so have seen many ways for applications to authenticate to the server -- some good, some great, some OMG awful. In this talk, I'll review some of the common (and not-so-common) techniques I've observed both on apps I've seen at work and just what's running on my own iStuff. I'll talk about what's good and what's bad, and most importantly, why. And finally, I'll try to suggest some general advice that you can follow when designing your own mobile apps, or when reviewing them for your own organization.