Here you can find the slides and the example code for my presentation with the topic "certificate pinning". I held this talk in the context of the GDG Mannheim.
Meetup Event: https://www.meetup.com/Rhein-Neckar-Dev-Meetup/events/258510860/
Slides: Certificate Pinning
"Call for Paper":
As a attendee you will learn what is behind the concept of certificate pinning and how to protect your app users from man-in-the-middle attacks. First of all I will explain what certificates are used for and how they protect internet communication. Then I show you how this protection can be bypassed with a man-in-the-middle attack against an Android smartphone. We will then use certificate pinning to identify the resulting vulnerability in order to protect our users from data theft. I show this with a simple Android app that makes a REST-API request against the GitHub API using the libraries okhttp and Retrofit. I address my presentation in general to all IT interested people and use the Android app only as a practical example to understand certificate pinning without going too much into the specifics of this platform.