Security Vulnerabilities in Certificate Pinning New research found that many banks offer certificate pinning as a security feature, but fail to authenticate the hostname. This leaves the systems open to man-in-the-middle attacks.

Read full news article on Schneier on Security