Implementing certificate pinning in mobile apps that handle highly sensitive data provides too much benefit to be passed over. Users can be tricked into installing a malicious self-signed certificate on a mobile device, setting the stage for a man-in-the-middle attack. In those situations, certificate pinning can still prevent the interception of an app’s network traffic.
Mobile Security Analyst
At NowSecure, Rono finds vulnerabilities in mobile technology and attempts to exploit them. He is passionate about helping developers understand and improve the security of their products and systems. Rono holds a master's degree in security informatics from Johns Hopkins University.