Identity certificates are commonly used to verify the identity of an end entity. For example, a service may use a certificate to verify the identity of an end entity such as a mobile device, application, laptop, computing device, and/or other entity. A certificate may be used to establish an authenticated and secure communication channel between an end entity and a service via a service node without the use of shared keys or user ID/password entry.
In some cases, identity certificates may be vulnerable to tampering. Identity certificates are typically stored in a keychain and/or other repository associated with the operating system and/or application of a device. In certain cases, the keychain and/or other repository storing the certificate may be easily accessed. For example, a mobile device may be compromised, and the keychain exported to another unauthorized device. This could, in some cases, result in unauthorized access to protected resources.