Android Security: Certificate Transparency

To protect our apps from man-in-the-middle attacks one of the first things that usually springs to mind is certificate pinning. Indeed, in early 2017 I published an article that discusses implementing SSL Pinning on Android.

At the time little did I know that in late 2017 Google were to announce that Chrome 68 would deprecate support for HTTP public key pinning (HPKP). Chrome 68 was…