This is possible if we have control of the client application, but in this case we do not. Is there a way to reliably identify if requests comes in thru a native browser in preference over a webview? If not, will this be possible with a future version of the CA Gateway stack?
Areas of concern with webviews are that they are still controlled by the underlying app, and requires more trust that the underlying app is not compromised or maliciously stores sensitive information displayed to or entered by the user.