What is the purpose of certificate pinning in mobile application security?

Question

Cybersecurity Fundamentals — Hard

What is the purpose of certificate pinning in mobile application security?

Accepted Answer

Certificate pinning in mobile application security involves hardcoding the expected server certificate or public key in the app. This prevents Man-in-the-Middle (MitM) attacks, even if a trusted Certificate Authority (CA) is compromised or a rogue certificate is installed.