Many think that SSL has completely solved the man-in-the-middle attack protection, at least with realistic attack scenarios. The truth is that man-in-the-middle attacks are successfully performed on SSL connections, both by individuals and corporations.
To protect the users of your application against such attacks use SSL pinning. In this video, we explain SSL pinning basics and show how SSL pinning implementations can be attacked and what you can do to harden your implementation even further.
0:00 Intro
0:25 What is SSL pinning?
2:27 How to use SSL pinning in your app?
7:12 Hardening your SSL pinning implementation
23 Comments