Applications on Android are not using Certificate Pinning

I’m doing a study for university and part of this study is to gather a group of android applications and check which of these applications use Cert Pinning. I am doing this by using fiddler as a proxy(I have also download fiddler certificate on my Android Phone) the applications which work normally do not have certificate pinning while the others who stop working do have certificate pinning.

The problem is that all the applications are working normally, this include applications such as youtube, gmail, play store. This means I can capture the traffic on Fiddler from these apps. My friend tried this as well on a more modern Android device and he is not able to capture any traffic from the mentioned apps and also from other apps which most probably have cert pinning. However I am able to capture from most applications ( but not from facebook, instagram and tiktok).

Does this have to do with my Android version, I have android 5.1.1. Does anyone have an idea what is the causing this, and if there’s a way to enable certificate pinning ?

TIA

Source: Android Questions

LEAVE A COMMENT