proxy - How to secure android app from network traffic capturing -
my app making http requests , don't want others see content of requests. @ moment can check app doing using fiddler. in order track network traffic on phone had change wi-fi settings , connect internet using proxy server. i.e. computer. possible programatically check whether phone using proxy? if knew phone using proxy forbid user using app showing error dialog. there ways of solving problem? i've seen apps work on normal wi-fi settings not when using proxy therefore assume there solution. way i'm using retrofit library making requests.
moving traffic use https help protect against network snoops fiddler.
however, fiddler can decrypt https traffic user's help, means can't use https, need implement certificate pinning, whereby client code verifies server presented 1 specific certificate (not interception certificate fiddler generates).
however, doesn't solve problem, user can jailbreak device , disable certificate pinning code.
you should step , reconsider threats you're trying protect against , update question appropriately.
Comments
Post a Comment