Hacker News

Then the app relies purely on the SSL cert of the server for MITM mitigation. This way, the QR can contain a signed reply to the code, which adds a layer.


Wait, I don't get it. I understand that the server is signing a challenge with a key presumably known to the client. But why can't the app submit the challenge programmatically upon scanning a QR code? It would still verify the signature!



