android – If I construct an SDK, is it essential that I implement certificate pinning?

Most, if not all, articles state that certificate pinning is essential for apps. Nevertheless, there is not a lot of discussion about whether it's essential to implement it if you're creating your SDK and merchandising it for others to make use of.

Some questions come to mind:

  1. If I add certificate pinning to my SDK, will it interfere with the consumer's networking implementation? (e.g. introduce bugs or crashes)
  2. If I don't add certificate pinning and the consumer integrating my SDK does, will that be sufficient to ensure that data sent to my SDK's servers is "secure"? (I would guess not, since purchasers have no idea which sources are "secure" from the SDK's standpoint)

I have not done much SDK development and am genuinely curious. Thanks in advance!

What I’ve tried

  • Read up on certificate pinning for apps
  • Applied certificate pinning for small apps
