Unauthorized API Key Usage

We’ve created and released a Mobile App that uses the API, and have been keeping a close eye on usage and cost as our user base grows.

Everything was looking normal, and we were seeing very modest API cost, day over day: $0.05, $0.07, $0.06, etc.

Then, out of nowhere, it jumped to over $120 in a single day. The way our App is designed, a “Power” user could never input enough to generate a usage bill that high, especially considering we’re using 3.5-Turbo and not 4.

So the only logical explanation is that our API key was compromised and is being used in an unauthorized way.

Does anybody else have experience with protecting their API keys in Apps? Having their API key compromised? Any recourse that can be taken? We’ve already revoked the key to stop current usage.

The only thing I could imagine is building our own API layer in front of access to OpenAI to be able to throttle and control user consumption. Maybe this was the correct approach from the start, and I was ignorant to assume direct access to the API would be safe.

Any and all feedback is much appreciated!

It sounds like they were able to monitor the network traffic and capture your key.
It’s just a bad idea having your API key exposed anywhere in the front-end of your service.

Great thought. Maybe consider extending this further with serverless architecture such as Firebase, so that your database works as the API / Authentication / Database layer all together. With a nice configuration the user would only ever interact with your database (which has built-in authentication with Firebase)

2 Likes

It’s been some time since I’ve used Wireshark to intercept network traffic, I guess that’s still very much a thing. Thanks for the advice!

1 Like

Yup, I haven’t released an AI app for security reasons like this. It’s not just network traffic monitoring, but they can also decompile your app. Assume that Android code is exposed just like a website with JavaScript would be.

I’d recommend you put your calls in a cloud. It protects your API key and the prompt. Serverless is perfect for this. You can actually ask GPT-4 to walk you through this, step-by-step, lol.

2 Likes

GPT-4 walking me through setting this up on the cloud

2 Likes

It’s very easy to take an iOS or Android app and search for strings. Secret keys tend to be very easy to extract.

You should always wrap the OpenAI APIs in your own API so you can control access.

If you don’t currently have your users create an account to use your app, I would suggest doing that so you can authenticate them and block access if needed.

3 Likes

Spot on answer!

I’ve seen a few cases like this where Keys have been misused and it’s normally people embedding them in things that they then give out to users. From C#, iOS, Android etc., there is little you can’t break into and extract data from if you put your mind to it.

The most popular packages in GitHub for iOS all require you to expose your key.

Can you explain how this is very easy? If you download a Signed IPA from Apple, and decompile it in a popular tool like MobSF, all the Strings are still obfuscated. I tested this myself. So now, how does one go about reverse engineering that? To actually extract entire Strings in their original format?

This is true, and we should probably link this thread to those Libraries before more iOS Developers make this same mistake, and warn them of the security vulnerabilities.

1 Like

Something to think about. The ones I have seen have the generic “You shouldn’t include your API key in your code” message, but they don’t provide an alternative, and junior developers just build their entire apps around the package, then they are stuck and publish.

I think the creators know and published while they were testing out the API.

Update: Downloaded Charles Proxy on my Mac. Set up an HTTP Proxy, forwarded all my iPhone Traffic through it, and Downloaded the Charles Proxy SSL Cert, gave it root access on my iPhone, and was able to decrypt the HTTPS request from my iPhone. Took 10 minutes. In plain text, was my Authentication Header containing the full API Key. No library on GitHub that talks to the OpenAI API directly from any non-authenticated Front End Client (Web, Mobile, etc) is safe. Embarrassing I forgot how easy this was to do, but lesson learned.

2 Likes

Nothing like $120 towards the school of hard knocks.

Thanks for the update

This is a classic mistake in API security. Many games have died from cheating and abuse because of this mistake, for example.
Any bits in the hands of a user, will be read by that user.

What you need to do in these cases, is run your own intermediate API service, which does rate limiting and user verification, and that in turn calls the upstream API (OpenAI in this case.)
If you don’t want to run servers, you could probably do this on top of Firebase or AWS Lambda.
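The intermediate service recommended in this thread, sketched as an added example that is not part of any post: the app sends only a per-user session token, and the server verifies it, enforces per-user limits, and attaches the upstream key itself. `Gateway`, `issue_token`, the limits, and the injected `call_upstream` function (a stand-in for the real OpenAI request) are hypothetical names and values; prompt length is used as an assumed proxy for cost.

```python
import hashlib
import hmac
import os
import time

# Constructed demo values; in a deployment both secrets live only in the
# server's environment and never ship inside the mobile app.
SESSION_SECRET = os.environ.get("SESSION_SECRET", "constructed-demo-secret").encode()
UPSTREAM_API_KEY = os.environ.get("OPENAI_API_KEY", "sk-PLACEHOLDER")
MAX_REQUESTS_PER_MINUTE = 5      # assumed per-user burst limit
MAX_PROMPT_CHARS_PER_DAY = 2000  # assumed per-user daily budget

def issue_token(user_id: str) -> str:
    """Session token handed to the app after login: user id plus an HMAC tag."""
    tag = hmac.new(SESSION_SECRET, user_id.encode(), hashlib.sha256).hexdigest()
    return f"{user_id}.{tag}"

def verify_token(token: str):
    """Return the user id if the tag is valid, else None."""
    user_id, _, tag = token.rpartition(".")
    expected = hmac.new(SESSION_SECRET, user_id.encode(), hashlib.sha256).hexdigest()
    ok = user_id and hmac.compare_digest(tag.encode(), expected.encode())
    return user_id if ok else None

class Gateway:
    def __init__(self, call_upstream, clock=time.time):
        self.call_upstream = call_upstream  # function(api_key, prompt) -> str
        self.clock = clock
        self.recent = {}      # user_id -> request timestamps in the last minute
        self.spent = {}       # (user_id, day) -> prompt characters used that day
        self.blocked = set()  # accounts cut off by the operator

    def handle(self, token: str, prompt: str):
        """Return (http_status, body) for one request from the app."""
        user = verify_token(token)
        if user is None or user in self.blocked:
            return 401, "unauthorized"
        now = self.clock()
        window = [t for t in self.recent.get(user, []) if now - t < 60]
        if len(window) >= MAX_REQUESTS_PER_MINUTE:
            return 429, "rate limit exceeded"
        day = (user, int(now // 86400))
        if self.spent.get(day, 0) + len(prompt) > MAX_PROMPT_CHARS_PER_DAY:
            return 429, "daily budget exceeded"
        self.recent[user] = window + [now]
        self.spent[day] = self.spent.get(day, 0) + len(prompt)
        # The upstream key is attached here, on the server, and nowhere else.
        return 200, self.call_upstream(UPSTREAM_API_KEY, prompt)
```

A stolen session token is then bounded by one user's limits and can be cut off by adding that user to `blocked`, without rotating the upstream key.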

That’s the spirit 🙂

1 Like

I’m not saying that it’s impossible that my key was also compromised, in fact that is fully within the realm of possibility, however this is one of many examples I’ve found, like my own, that occurred nearly overnight. It could have been some set of users who obtained a bunch of keys and used them in batches to process massive amounts of data - maybe to build their own LLMs/get loads of training data, but there’s also a chance that this could have been some sort of glitch or runtime error. I’m suggesting this is the case because in addition to the inordinate usage that I accrued over the past day and a half (ironically my personal API usage dramatically lowered this week) I am still unable to view my usage breakdowns. According to the OpenAI Status, this was a ‘known issue’ and then ‘dealt with’ shortly thereafter. Since I’m unable to view my usage still, I’m going to go ahead and say it’s actually not still dealt with, and if my usage was still high but that was the entire story, I’d be even more confused about not being able to view the breakdowns.

Moving forward, I plan on using an additional third party application, or personal private server method, to both keep my token secure and also get more robust monitoring information.

Hope we get some more information about what happened here shortly. My current use cases are limited but our customers were greatly benefiting from them, and I’ve been thoroughly enjoying the process of exploration into finding new ways of integrating AI for business and personal use.

Not really something we can post here, but if you look on YouTube, there’s a kid who has a full tutorial on this - I wouldn’t say it’s “Easy” but certainly doable.

The only way I can think of is, that your API key should be running in the backend, and not in the front end AJAX calls to the back end. That’s also mentioned in the docs to secure it. I am assuming you have done this?

One thing you should also consider is using the organization key along with the API key. It’s under Organization settings where you name your org under your OpenAI account.

If you put your API key on the client side, it will be easy to steal.

gregyoung14, how did you go about mitigating this? Did you go with an APIGateway or? If you can point to things you did to address this it would be appreciated!