Your suggested change has been received. Thank you.

Suggest A Change

Thank you! Your suggestion has been submitted.

https://thales.na.market.dpondemand.io/docs/dpod/services/kmo….

There are some errors in your form.

Your Name This field is required

Your Email This field is required

How can we improve this content? This field is required

OneWelcome Identity Platform
- Explore Thales Docs

IDAAS core
User journey orchestration
Consent and preference management
Consent Management v2
- Admin UI guide
- Consent Management v2 APIs
Identity broker
Delegated User Management v2
Externalized authorization
Delegated user management
- Getting started
- Roles
- Rules
- User management
- Self service page
- Data
- APIs
- Apps
- Jobs
- Reports
Risk management
- Essential Edition
- Enhanced Edition
Mobile identity
- Mobile identity - Access component
- Mobile identity - Tulip
Mobile SDK
API references
Release notes and FAQ
Policy-Based Authorization Manager
Integrations
Identity Orchestrator (IO)

All

All

Permissions

iOS Certificate Pinning For Release Configuration

Please Note:

Risk management
Essential Edition
- Default rules
- Default policies
Enhanced Edition
- Quickstart
  - Tutorial overview
  - Collecting Signals
    - Collecting signals from a mobile
    - Collecting signals from a web page
    - Android
    - iOS
  - Evaluating risk
- Guides
  - What is a policy?
  - Managing policies in the IFP console
  - Evaluate risk with auth feedback
    - Overview
    - Collecting Signals
    - Risk Evaluation
    - Authenticating
    - Authentication Feedback
  - Reporting fraudulent transactions
  - Change password or PIN
  - Ionic Mobile Integration
    - Introduction
    - Setup your environment
    - Create Cordova Plugin
      - Introduction
      - Creating the native Android part of the plug-in
      - Creating the native iOS part of the plug-in
    - Add the plug-in to the app
- REST API
  - Partners
    - Partner technologies overview
    - Thales
    - ThreatMetrix
    - Global Score
      - Description
      - Global score computation
  - Authentication and authorisation
  - Implementing Client-Side Mutual TLS Authentication
  - OpenAPI - stand alone IFP
- SDK
  - Web SDK
    - Risk Management Javascript SDK
    - CORS (Cross-Origin Resource Sharing)
    - Definitions
    - Framework v1
      - Overview
      - Signal collection For a Multi Page Website
        
        Signal Collection for a Multi Page Website
        
        Partner technologies
    - Framework v2
      - Overview
      - Specification
        
        Script integration
        
        ifp_initUseCase
        
        ifp_initView
        
        ifp_initUseCaseAndView
        
        ifp_finalizeView
        
        ifp_params
      - Integration examples
        
        Single Page Application website
        
        Multiple pages website
      - Partners Integration
        
        LexisNexis Threatmetrix and Behaviosec
  - Mobile SDK
    - Introduction
    - Overview
    - Signal groups and corresponding signals
      - Overview
      - Signal group size
    - SDK variants
    - SDK compatibilities
    - Release notes
    - Security
      - Android
      - iOS
    - Integration guidelines
      - Before you start
      - Basic integration
      - Advanced use cases
        
        Advanced use cases (optional)
        
        Set active signal groups
        
        Set active signals list
        
        Set a transaction as critical
        
        Set custom signals to BehavioSec signal collection
        
        Integrating BehavioSec SDK at Host Application
        
        Integrating BehavioSec New Account Fraud (Population Profiling)
        
        Set custom signals to ThreatMetrix signal group
        
        Enable ThreatMetrix Certificate Pinning
        
        Get meta information about the SDK
        
        Certificate pinning
        
        Disable hook detection
      - Debug vs. Release builds
      - Removal of Zimperium and InAuth SDK
        
        Android
        
        iOS
      - Error codes
      - Troubleshooting
    - Permissions
      - OIP Risk Management SDK permissions
      - Permissions required for ThreatMetrix
      - iOS Certificate Pinning For Release Configuration
    - Privacy
      - Apple app privacy
    - Other
      - Android application size reduction
      - Exporting ThreatMetrix Certificate from Browser
      - Third-party libraries
      - Frequently asked questions
      - Appendix A: Evaluation
    - Glossary
    - API reference
    - Supported plaforms

Was this document helpful? Yes No

Feedback Sent!

If you like, you can provide additional feedback.

OneWelcome Identity Platform
Risk management
Enhanced Edition
SDK
Mobile SDK
Permissions
iOS Certificate Pinning For Release Configuration

iOS Certificate Pinning For Release Configuration

You can configure the OIP Risk Management SDK backend and application server URLs in the ATS configuration of Info.plist.

OIP Risk Management SDK established its HTTPS connection over TLS with Risk Engine backend to get the visitID. To protect from man-in-the-middle attack, it rejects hostname-mismatch, self-signed certificate and accepts only root CA trusted certificate. In addition, OIP Risk Management SDK also uses strong cipher suites.

As ATS is part of the application's configuration, the following settings are to be added to the application's plist file via Key > App Transport Security Settings.

In the application’s Info.plist file, add a dictionary with App Transport Security Settings.
In Application Transport Security Settings (ATS), configure the parameters for Exception Domains based on the GAH backend URL.

Recommendations for host application

NSAllowArbitaryLoads key is set to NO by default. Setting the key to YES indicates that it will be opted out of ATS and from its associated security benefits.
NSExceptionDomains dictionary sets name specific domains for which exceptions need to be set. Currently no exceptions are required, only adding domain names is required for Certificate Pinning.

On this page

OneWelcome Identity Platform

© Copyright 2019-2026, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com

Support
- Customer Release Notes
- Support Contacts
Legal
- End User License Agreement
- Terms of Service

© Copyright 2019-2026, Thales Group

+1 410-469-1651 supportportal.thalesgroup.com