Safe2COVIDApp / bct-server

Bluetooth Contact Tracing for Covid19 - server

Client based security - discussion #149

Open mitra42 opened 4 years ago

mitra42 commented 4 years ago

Dan L raised questions on the call today about client authentication. @agentlewis, why not describe how you are currently doing it in a comment?

We currently don't do anything like that, because of the potential issue of it busting anonymity for anyone with a compromised server; reports from users are intentionally not linked or linkable.

Dan A has suggested in the past using a client certificate which certifies the code, not the user. @danaronson, did you know how to do this, or just that it could be done?

@jmday made it clear that the priority of this is lower, i.e. we need the client working with this server first.

danaronson commented 4 years ago

I know you can do it on OS X (see https://www.techrepublic.com/blog/software-engineer/use-https-certificate-handling-to-protect-your-ios-app/ for example); I assume one can do this on Android too.