Skip to main content

Certificate pinning

Certificate pinning is commonly used in mobile applications to ensure that the app only communicates with a trusted backend, by validating the server's TLS certificate or public key. This mitigates risks such as:

  • Man-in-the-middle (MITM) attacks
  • Compromised or rogue certificate authorities (CA)
  • TLS interception through proxies or malware

Traditionally, this is achieved by embedding (often referred to as pinning) a server certificate or public key in the application and validating it during the TLS handshake.

How does it work for MobileID?

MobileID does not rely on traditional TLS certificate pinning at the transport layer. Instead, it provides equivalent or stronger security guarantees through an end-to-end encrypted (E2EE) application layer.

While certificate pinning secures the transport layer, E2EE secures both the transport and the application layer.

To learn more about how these security mechanisms differ, see the table below:

Benefits of using E2EE

Certificate pinning is designed to prevent an attacker from successfully impersonating the server and intercepting traffic. However, a correctly-implemented E2EE application layer means that even if an attacker manages to intercept the connection, the data they capture is useless.

Want to learn more?

For more information, see our End-to-end encryption feature documentation.

Analogy

To help visualise the concept, you can use the following analogy:

  • Certificate Pinning: You ensure that your letter is delivered by a specific, trusted courier.
  • End-to-End Encryption: You put the letter in a locked safe that only the recipient has the key to. This means that even if the letter is intercepted, it cannot be read.

Security

Our architecture provides the following security guarantees:

  • Confidentiality: All data remains completely private and unreadable to any third party.
  • Integrity: The E2EE mechanism ensures that the data cannot be tampered with in transit.

In summary, our application-layer E2EE provides a superior security guarantee compared to certificate pinning by protecting the data itself, not just the channel it travels over. By encrypting data before it even leaves our SDK, we ensure that it remains confidential, regardless of the security of the transport layer.

This makes the traditional practice of certificate pinning redundant for our MobileID service.

On this page