Skip to Main Content

Drag-and-Drop SSL Pinning with TrustKit

Posted on 8.05.2015

Mobile app security provider Data Theorem and Yahoo are unveiling a new open source security toolkit designed to help developers include SSL pinning on any mobile application.

SSL pinning is a practice employed by developers to ensure eavesdropping cannot occur on data connections on their mobile apps. It works by making sure the client checks the server's certification against a known copy of that certificate. While the concept has been difficult and time consuming to implement, the new TrustKit security toolkit from Data Theorem and Yahoo should make it easier.


 SUBSCRIBE to Website Magazine - 12 Issues FREE


“SSL pinning often goes overlooked when developers are designing mobile apps for scale, but it is crucially important to the security and privacy of communications on billions of mobile devices,” said Himanshu Dwivedi, CEO of Data Theorem. “With this new, open source toolkit, we are making it simple to significantly upgrade the security and privacy of every mobile app, and all of its communications.”

TrustKit, available now on Github, can be deployed quickly within iOS or OS X apps without modifying the source code. The toolkit offers API-independent pinning by directly hooking into Apple's Secure Transport, and even provides a mechanism to report pinning failures.

Leave Your Comment

Login to Comment

Become a Member

Not already a part of our community?
Sign up to participate in the discussion. It's free and quick.

Sign Up

 

Leave a comment
    Load more comments
    New code
  •