OWASP’s Global AppSec DC 2019 takes place Sept. 9 – 13 in Washington, D.C. Find our picks for several training and conference sessions to build your knowledge about mobile DevSecOps and application security, book a meeting with us and visit Booth S7.
Nearly all mobile apps interact with backend systems and require secure communications. One best practice for developers to safeguard network communications is to implement certificate pinning in their apps. Certificate pinning protects against attackers intercepting sensitive data via man-in-the-middle (MiTM) attacks.
Implementing certificate pinning in mobile apps that handle highly sensitive data provides too much benefit to be passed over. Users can be tricked into installing a malicious self-signed certificate on a mobile device, setting the stage for a man-in-the-middle attack. In those situations, certificate pinning can still prevent the interception of an app’s network traffic.