We have developed an Ionic app with SSL pinning using the advancedHttpPlugin, but the security team was still able to use a third-party tool to install a CA on the mobile device and track the application. They provided the message below for fixing the issue.
Secure Socket Layers (SSL), or Transport Layer Security (TLS) in its more modern implementation, are protocols designed to provide security for network communication by means of encryption. This protocol is most commonly associated with other protocols to provide a secure implementation of the service that protocol provides. Certificate pinning is the process of associating the backend server with a particular X.509 certificate or public key instead of accepting any certificate signed by a trusted certificate authority. After storing (“pinning”) the server certificate or public key, the mobile app will subsequently connect to the known server only. Withdrawing trust from external certificate authorities reduces the attack surface (after all, there are many cases of certificate authorities that have been compromised or tricked into issuing certificates to impostors).
a) In order to make your communication safer, explicitly compare the SSL certificate used for the connection with an expected client-side certificate.
On Ionic, is there any other method we need to include to also restrict Burp CA?
We followed this blog for SSL Pinning
Please help me to fix this. Thanks in advance.
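An added example, not part of the original post and not the plugin project's own code: the plugin's pinned mode only covers requests sent through `cordova.plugin.http`, so this sketch routes every call through one wrapper that enables `pinned` mode first and refuses to send anything if that fails. `createPinnedClient` and `allowedHosts` are hypothetical names, and the host used to try it out is a constructed placeholder.

```javascript
// Added example, not code from the original post or from the plugin project.
// `http` is the object the plugin exposes as cordova.plugin.http; it is passed
// in as a parameter so the wrapper can be exercised without a device.
// createPinnedClient and allowedHosts are hypothetical names.
function createPinnedClient(http, allowedHosts) {
  // Switch the plugin to pinned mode once. The plugin then accepts only
  // servers whose certificate matches a .cer file bundled in www/certificates.
  const pinned = new Promise((resolve, reject) => {
    http.setServerTrustMode('pinned', resolve, () =>
      reject(new Error('pinned trust mode could not be enabled')));
  });
  pinned.catch(() => {}); // each request re-checks this promise below

  return function request(url, options) {
    let target;
    try {
      target = new URL(url);
    } catch (e) {
      return Promise.reject(new Error('invalid URL'));
    }
    // Only the pinned backend over HTTPS; anything else is refused up front.
    if (target.protocol !== 'https:' || !allowedHosts.includes(target.hostname)) {
      return Promise.reject(new Error('refusing request to unpinned target'));
    }
    // Fail closed: if pinning was not enabled, nothing is sent, and there is
    // no fallback to the default trust mode or to WebView fetch/XHR.
    return pinned.then(() => new Promise((resolve, reject) => {
      http.sendRequest(url, options, resolve, reject);
    }));
  };
}
```

In the app, the wrapper would be created after `deviceready` with `cordova.plugin.http` as the first argument, and calls made with Angular `HttpClient` or `fetch` would need to be moved onto it to be covered by the pin.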