Facebook has introduced a new feature in its platform to make it easier for bug bounty hunters to find security flaws in Facebook, Messenger, and Instagram Android applications. The new option now lets researchers easily bypass Certificate Pinning on the Facebook-owned mobile apps. The feature is not visible to everyone by default, so researchers have to explicitly enable this feature for their Android apps from a web interface on Facebook website. Once enabled, you’ll see a banner at the top of your app indicating that the network testing is enabled and your traffic may be monitored.
Source: https://thehackernews.com/2019/03/facebook-whitehat-setting-hackers.html