Mobile SDK on Android does not implement certificate pinning.
If an endpoint presents an expired certificate or the leaf certificate does not match which is in the MSSO Config file, Android SDK does not return certificate pinning error.
Release : 2.1
Component : MOBILE SDK
This should fixed in the future release of Mobile SDK which should be available in the last quarter of 2022.