Securing communications between applications and services is extremely important, and mobile apps are no exception. Even if you use an encrypted channel based on HTTPS, you should never completely trust the identity of the target. For example, an attacker could easily discover the URL your application is pointing to, and put a fake certificate in the middle of the communication between an application and the server, thus intercepting the communication.
source http://www.c-sharpcorner.com/article/certificate-pinning-in-xamarin-forms/
No comments:
Post a Comment