(Recommended) Before any event is submitted to the SAP Mobile Platform runtime, the subject of the certificate's CN that is mapped to the logical role must be authorized, and with Certificate Validation, authenticated. SAP recommends using a CertificateValidationLoginModule for mutual authentication. This solution offers maximum DCN or Push security.