Short definition: Binding apps or services to a specific certificate to prevent impersonation or MITM attacks.
What it is
Certificate pinning ensures an application trusts only a known certificate or public key. Even if an attacker obtains a fraudulent certificate that the platform's trust store would otherwise accept, the app rejects it.
Pinning is common in mobile apps, banking environments, and sensitive API communications.
Why it matters
Compromised certificate authorities and network-level attackers can intercept encrypted traffic. Pinning prevents acceptance of forged certificates, strengthening TLS security.
How to reduce risk
- Implement public key pinning in mobile apps
- Rotate pins safely using backup keys
- Track certificate expiration
- Test fallback behaviors
- Automate certificate updates
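The public key pinning and backup-pin rotation described above, as an added example that is not part of the original entry: a Go check shaped like tls.Config.VerifyPeerCertificate that accepts a server chain only if one certificate's SubjectPublicKeyInfo hashes to a configured pin. The key pairs and self-signed leaves are constructed test data (the names spkiPin, verifyPinned and newIdentity are this example's own).

```go
package main
import (
	"crypto/ed25519"
	"crypto/rand"
	"crypto/sha256"
	"crypto/x509"
	"encoding/base64"
	"errors"
	"math/big"
	"time"
)

// spkiPin is base64(SHA-256(SubjectPublicKeyInfo DER)); pinning the key, not the leaf, survives reissuance.
func spkiPin(spkiDER []byte) string {
	sum := sha256.Sum256(spkiDER)
	return base64.StdEncoding.EncodeToString(sum[:])
}

// verifyPinned has the shape of tls.Config.VerifyPeerCertificate: the presented DER chain is
// accepted only if some certificate's key is pinned. Run it alongside normal chain validation.
func verifyPinned(pins map[string]bool, rawCerts [][]byte) error {
	for _, raw := range rawCerts {
		cert, err := x509.ParseCertificate(raw)
		if err != nil {
			return err
		}
		if pins[spkiPin(cert.RawSubjectPublicKeyInfo)] {
			return nil
		}
	}
	return errors.New("pinning: no certificate in the chain matches a configured pin")
}

// newIdentity builds a constructed server key pair plus self-signed leaf, returning the leaf DER
// and its pin. The pin needs only the public key, so a backup pin can ship before that key has a cert.
func newIdentity() (der []byte, pin string) {
	pub, priv, err := ed25519.GenerateKey(rand.Reader)
	if err != nil {
		panic(err)
	}
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(1), NotBefore: time.Now(), NotAfter: time.Now().Add(24 * time.Hour)}
	if der, err = x509.CreateCertificate(rand.Reader, tmpl, tmpl, pub, priv); err != nil {
		panic(err)
	}
	spki, err := x509.MarshalPKIXPublicKey(pub)
	if err != nil {
		panic(err)
	}
	return der, spkiPin(spki)
}
```

Configuring both the live pin and a backup pin lets the server move to the backup key without stranding installed clients; a key that matches neither pin is rejected even if its certificate chains to a trusted CA.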