Certificate pinning is a security measure that mobile app developers can use to improve the security of their apps. It ensures that your app only connects with a backend API via TLS if the presented certificate chain includes at least one certificate public key that is known to be trusted. This means that the app is not simply reliant on the contents of the trust store on its device, but also requires an additional level of verification.
This is a vital security approach considering the fact that the ever-increasing popularity and use of smartphones and mobile apps make them a prime target of attack. For example, a recent study found that many app categories in the Android Store are vulnerable to cyber security attacks, and at least 16% had no fixes available.
Certificate pinning protects against mis-issuance, Certificate Authority (CA) compromise, and Man-in-the-Middle (MitM) attacks.
- Mis-issuance: A certificate mis-issuance occurs when a CA mistakenly issues a certificate to the wrong party. This happens through misconfiguration or human error. For example, in 2015, the China Internet Network Information Center (CNNIC) mistakenly issued unauthorized security certificates to several of Google's domains through an organization known as MCS Holdings.
- CA compromise: A CA compromise occurs when a malicious actor obtains control of a CA's systems and issues illegitimate certificates. For example, in 2011, the DigiNotar CA was compromised, preventing millions of Gmail users from accessing the service.
- Man-in-the-middle (MitM) attacks: An MitM attack occurs when a malicious actor inserts themselves between the mobile app and server. The attacker then intercepts, modifies, or relays messages without the knowledge or consent of either party. Man-in-the-Middle attacks on mobile devices can have serious consequences, such as theft of sensitive information or financial loss. For a full discussion of Certificate Pinning mechanics, threat vectors and the most efficient and effective implementation approaches, check out our MitM whitepaper here.
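
The pin check described at the top of this article, sketched as an added example (not Approov's code). It assumes pins are stored as base64 SHA-256 hashes of each certificate's SubjectPublicKeyInfo, the format used by RFC 7469 and OkHttp; the helper names and the sample "certificates" are constructed for illustration.

```python
import base64
import hashlib

def tlv(tag, body):
    """DER-encode one element; used only to build the constructed sample certs."""
    n = len(body)
    if n < 0x80:
        return bytes([tag, n]) + body
    k = (n.bit_length() + 7) // 8
    return bytes([tag, 0x80 | k]) + n.to_bytes(k, "big") + body

def read_tlv(buf, pos):
    """Return (tag, value_start, element_end) for the DER element at pos."""
    tag, first = buf[pos], buf[pos + 1]
    k = first & 0x7F if first >= 0x80 else 0
    n = int.from_bytes(buf[pos + 2:pos + 2 + k], "big") if k else first
    end = pos + 2 + k + n
    if first == 0x80 or end > len(buf):
        raise ValueError("indefinite or truncated DER length")
    return tag, pos + 2 + k, end

def spki_pin(cert_der):
    """Pin = base64(SHA-256(SubjectPublicKeyInfo)), taken from an X.509 DER cert."""
    _, pos, _ = read_tlv(cert_der, 0)      # enter Certificate
    _, pos, _ = read_tlv(cert_der, pos)    # enter TBSCertificate
    tag, _, end = read_tlv(cert_der, pos)
    if tag == 0xA0:                        # optional explicit version field
        pos = end
    for _ in range(5):                     # serial, sigAlg, issuer, validity, subject
        _, _, pos = read_tlv(cert_der, pos)
    _, _, end = read_tlv(cert_der, pos)    # subjectPublicKeyInfo, header included
    return "sha256/" + base64.b64encode(hashlib.sha256(cert_der[pos:end]).digest()).decode()

def chain_is_pinned(chain, pins):
    """Runs in addition to normal trust-store validation, never instead of it."""
    return any(spki_pin(cert) in pins for cert in chain)

def fake_cert(key):
    """Constructed sample: X.509 field layout only, no real names or signature."""
    spki = tlv(0x30, tlv(0x30, tlv(0x06, b"\x2a\x03")) + tlv(0x03, b"\x00" + key))
    fields = [tlv(0xA0, tlv(0x02, b"\x02")), tlv(0x02, b"\x01")] + [tlv(0x30, b"")] * 4
    tbs = tlv(0x30, b"".join(fields) + spki)
    return tlv(0x30, tbs + tlv(0x30, b"") + tlv(0x03, b"\x00"))

intermediate = fake_cert(b"I" * 270)                 # the app pins this CA key
pins = {spki_pin(intermediate)}
genuine = [fake_cert(b"L" * 65), intermediate]
rotated = [fake_cert(b"N" * 65), intermediate]       # new leaf key, same CA
intercepted = [fake_cert(b"M" * 65), fake_cert(b"R" * 270)]  # another CA's chain
```

Because the pin covers the intermediate CA's key rather than the leaf's, the rotated chain still passes, while a chain issued under any other CA fails even if the device trust store would accept it.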
The Approov Mobile App Protection solution contains an in-built Dynamic Certificate Pinning solution, designed for out-of-the-box simplicity of implementation, monitoring and management. Many of our customers have benefited from it when certificates have been rotated without notice and they need to instantly update the certificates in their apps to match. You can read more about Approov Dynamic Certificate Pinning here.