KOKO is mainstreaming liquid bio-ethanol
cooking fuel as a fast, safe and affordable
alternative to dirty cooking fuels such as
charcoal
https://kokonetworks.com
Slide 4
Slide 4 text
Protecting your app from reverse engineering and man in the
middle attacks
Slide 5
Slide 5 text
SSL certificate pinning
Obfuscation with ProGuard
Slide 6
Slide 6 text
SSL Certificate pinning
Why SSL Certificate pinning?
To prevent man-in-the-middle attacks
What is SSL?
- Secure Sockets Layer: it's a protocol that has
long been used to encrypt and secure
data transmitted between server and client
(website and browser).
Slide 7
Slide 7 text
SSL Certificate pinning
What is SSL certificate pinning?
It is ensuring that any client SSL request first
validates that the server's certificate exactly
matches the certificate previously bundled
and stored in the application.
Slide 8
Slide 8 text
SSL Certificate pinning
Slide 9
Slide 9 text
SSL Certificate pinning
What steps do we need?
● Obtain a certificate for the desired host
(preferably the whole certificate chain).
● Pin the certificate to an instance of
DefaultHttpClient
Slide 10
Slide 10 text
SSL Certificate pinning
Get the certificate's public key from SSL Labs (ssllabs)
This is the hashed public key of the certificate
Slide 11
Slide 11 text
SSL Certificate pinning
Slide 12
Slide 12 text
SSL Certificate pinning
Slide 13
Slide 13 text
SSL Certificate pinning - Failure
Slide 14
Slide 14 text
Obfuscation
What?
- It is the process of creating source code in a form that is hard
for humans to understand.
Why?
To prevent reverse engineering
To reduce your app size
Slide 15
Slide 15 text
Obfuscation Steps
1. Configure your gradle file (app/gradle)
2. Use the default Android ProGuard rules or create
your own
3. Edit your rules