I have been researching about SSL certificates in mobile devices, especially in the banking sector. I have these questions and I have no idea where to find answers but here.
- Is there a technology that does a verification of the authenticity of mobile certificates before they reach the mobile device and the server -in between the channel, for instance how a VPN works, connecting a device and cloud (internet). if there is, I will appreciate a link to it.
- Is there a possibility for any person to specify or create a private key for encryption, just like when creating a username and password? if yes how (a link please).
- Is there a later technology, better than SSL certificates or an improved SSL certificate way of preventing MITM attacks?