As we discussed in Chapter 3, Securing PhoneGap Apps, the best way to ensure that communication with the backend is secure is to use SSL Certificate pinning. Prior to every request, we verify that the certificate being utilized to secure communications is a known certificate.
We're using a plugin developed by Eddy Verbruggen called SSLCertificateChecker. To add this to a Cordova project, refer to Chapter 3, Securing Phonegap Apps, or the Getting Started section in this chapter.
We covered a very simple example in Chapter 3, Securing PhoneGap Apps. Unfortunately, that particular sample relied solely on callbacks, it would have been better if the sample was wrapped with a Promise instead, as in the following code: