We are developing react-native SDK which will be used by another react native app (main app) for some functionalities. From our SDK there are API calls and some contains sensitive data. So with a security check from main found that man-inthe-middel can see the the sensitive information pass through SDK. Since it is only a SDK hope we can't implement certificate pinning and if we do so we need do modification on main app and which is not allowed. We are just wandering whether there is any method to prevent man-inthe0middel attack.
Asked
Active
Viewed 125 times
